thr3ads.net - openssh bugs - [Bug 3107] New: Mistake in config can result in fork bomb [Dec 2019]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at bugzilla.mindrot.org

2019-Dec-21 10:25 UTC

[Bug 3107] New: Mistake in config can result in fork bomb

https://bugzilla.mindrot.org/show_bug.cgi?id=3107

            Bug ID: 3107
           Summary: Mistake in config can result in fork bomb
           Product: Portable OpenSSH
           Version: 8.1p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: petoju at gmail.com

Created attachment 3343
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3343&action=edit
ssh_config causing fork bomb

When writing ssh_config, an innocuous mistake in ssh_config leads to a
fork bomb.
One example is this config, use it when connecting to any host:

Host proxy
        Hostname doesnotmatter.example.com
Host *
        ProxyJump proxy

OpenSSH client tries to connect to the proxy first. To connect to the
proxy, it has to connect to the very same proxy. It could be more
complicated, but the issue is in the cycle.

Why is it annoying: one can effectively kill own system like this by
mistake. No warning is provided.

What could OpenSSH do about it: warn that there is a cycle, recommend
excluding "proxy" from ProxyJump and bail out.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2019-Dec-21 10:28 UTC

head link

[Bug 3107] Mistake in config can result in fork bomb

https://bugzilla.mindrot.org/show_bug.cgi?id=3107

petoju at gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |DUPLICATE

--- Comment #1 from petoju at gmail.com ---


*** This bug has been marked as a duplicate of bug 3057 ***

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

bugzilla-daemon at mindrot.org

2021-Apr-23 05:03 UTC

head link

[Bug 3107] Mistake in config can result in fork bomb

https://bugzilla.mindrot.org/show_bug.cgi?id=3107

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

openssh bugs - Dec 2019 - [Bug 3107] New: Mistake in config can result in fork bomb

[Bug 3107] New: Mistake in config can result in fork bomb

[Bug 3107] Mistake in config can result in fork bomb

[Bug 3107] Mistake in config can result in fork bomb