Andrew Stribblehill
2001-Jan-16 16:53 UTC
ssh drops privs when it can't find ~/.ssh/prng_seed
I'm using OpenSSH 2.3.0p1. When my users use ssh for the first
time, using rhosts authentication, entropy.c drops the privs in
prng_write_seedfile() at the setuid(original_uid) line (line 550,
approx):
void
prng_write_seedfile(void) {
	int fd;
	char seed[1024];
	char filename[1024];
	struct passwd *pw;

	/* Don't bother if we have already saved a seed */
	if (prng_seed_saved)
		return;

	/* Permanent drop to the invoking user's uid: real, effective and
	 * saved uid all change, so root cannot be regained afterwards. */
	setuid(original_uid);
	/* ^^^^^^^^^^^^^^^^^^^^ ***HERE*** */

	prng_seed_saved = 1;

	pw = getpwuid(original_uid);
	if (pw == NULL)
		fatal("Couldn't get password entry for current user (%i): %s",
		    original_uid, strerror(errno));

	/* Try to ensure that the parent directory is there */
	snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
	    SSH_USER_DIR);
	mkdir(filename, 0700);

	snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
	    SSH_PRNG_SEED_FILE);

	debug("writing PRNG seed to file %.100s", filename);

	RAND_bytes(seed, sizeof(seed));

	/* Don't care if the seed doesn't exist */
	prng_check_seedfile(filename);

	/* The file is created/truncated as the user, not as root */
	if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) {
		debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)",
		    filename, strerror(errno));
	} else {
		if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed))
			fatal("problem writing PRNG seedfile %.100s (%.100s)", filename,
			    strerror(errno));
		close(fd);
	}
}
Can anyone explain firstly why it does this, and secondly how I
can stop it?
Thanks,
Andrew Stribblehill
Systems programmer, IT Service, University of Durham, England
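The setuid(original_uid) line above is the whole story: when the effective uid is 0, setuid() changes the real, effective and saved uid together, so the drop is permanent and nothing the client does later (such as binding the privileged source port that rhosts authentication depends on) can get root back; seteuid() only moves the effective uid and is reversible. The following is an added example, not OpenSSH code, that contrasts the two calls and performs the seed-file write as the unprivileged identity with an O_NOFOLLOW/ownership check. The function names, the temporary directory under /tmp and the seed bytes are all constructed for the example.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Irreversible drop. With euid 0, setuid() sets the real, effective and
 * saved uids, so no later seteuid(0) can bring root back. This is the
 * effect of the setuid(original_uid) call in the posted function. */
int drop_privs_permanently(uid_t target)
{
    if (setuid(target) == -1)
        return -1;
    /* Check the result instead of trusting the return value alone. */
    if (getuid() != target || geteuid() != target)
        return -1;
    return 0;
}

/* Reversible drop: only the effective uid moves; the saved uid keeps root,
 * so restore_privs() can switch back when a privileged port is needed. */
int drop_privs_temporarily(uid_t target) { return seteuid(target); }
int restore_privs(uid_t saved)           { return seteuid(saved); }

/* Create/overwrite the seed file as the current effective identity.
 * O_NOFOLLOW plus the fstat() checks reject a symlink or a file owned by
 * someone else, which is the hazard of doing this write as root inside a
 * user-controlled directory. Returns bytes written or -1. */
ssize_t write_seed_file(const char *path, const unsigned char *seed, size_t len)
{
    struct stat st;
    size_t done = 0;
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600);

    if (fd == -1)
        return -1;
    if (fstat(fd, &st) == -1 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd);
        return -1;
    }
    while (done < len) {
        ssize_t n = write(fd, seed + done, len - done);
        if (n == -1 && errno == EINTR)
            continue;
        if (n == -1) {
            close(fd);
            return -1;
        }
        done += (size_t)n;
    }
    return close(fd) == 0 ? (ssize_t)done : -1;
}

/* Run the sequence in a fresh temporary directory: temporary drop, write,
 * restore, then permanent drop. *regained reports whether the original
 * euid could still be re-acquired after setuid(); it is 1 for an ordinary
 * (non-setuid) process and 0 once a setuid-root process has dropped.
 * Returns 0 on success, -1 on any failure. */
int run_seed_demo(int *regained)
{
    char dir[] = "/tmp/seeddemoXXXXXX";   /* constructed path for the example */
    char path[64];
    unsigned char seed[32], back[32];
    uid_t real = getuid(), saved = geteuid();
    int fd, rc = -1;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof(path), "%s/prng_seed", dir);

    /* Constructed seed bytes; a real client would fill these from RAND_bytes(). */
    for (size_t i = 0; i < sizeof(seed); i++)
        seed[i] = (unsigned char)(0xA5 ^ i);

    if (drop_privs_temporarily(real) == 0 &&
        write_seed_file(path, seed, sizeof(seed)) == (ssize_t)sizeof(seed) &&
        restore_privs(saved) == 0 &&
        (fd = open(path, O_RDONLY | O_NOFOLLOW)) != -1) {
        ssize_t n = read(fd, back, sizeof(back));
        close(fd);
        if (n == (ssize_t)sizeof(back) && memcmp(seed, back, sizeof(seed)) == 0 &&
            drop_privs_permanently(real) == 0)
            rc = 0;
    }
    if (regained != NULL)
        *regained = (seteuid(saved) == 0);

    unlink(path);
    rmdir(dir);
    return rc;
}

int main(void)
{
    int regained = 0;
    int rc = run_seed_demo(&regained);
    printf("demo %s; original euid %s after setuid()\n",
           rc == 0 ? "ok" : "failed",
           regained ? "regained (process was not setuid-root)" : "NOT regainable");
    return rc == 0 ? 0 : 1;
}
```

Run it as an ordinary user and the final seteuid() succeeds because real and saved uid were equal all along; install the binary setuid root and run it as a user, and the same call fails after drop_privs_permanently(), which is exactly the state the posted function leaves a first-run ssh client in before it needs its privileged port.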
On Tue, 16 Jan 2001, Andrew Stribblehill wrote:

> I'm using OpenSSH 2.3.0p1. When my users use ssh for the first
> time, using rhosts authentication, entropy.c drops the privs in
> prng_write_seedfile() at the setuid(original_uid) line (line 550,
> approx):

> Can anyone explain firstly why it does this, and secondly how I
> can stop it?

Try the below patch, which causes seeds to be only written upon exit.

Index: entropy.c
===================================================================
RCS file: /var/cvs/openssh/entropy.c,v
retrieving revision 1.22
diff -u -r1.22 entropy.c
--- entropy.c	2000/11/24 23:09:32	1.22
+++ entropy.c	2001/01/16 22:29:37
@@ -601,12 +601,7 @@
 	debug("loading PRNG seed from file %.100s", filename);
 
 	if (!prng_check_seedfile(filename)) {
-		verbose("Random seed file not found, creating new");
-		prng_write_seedfile();
-
-		/* Reseed immediatly */
-		(void)stir_from_system();
-		(void)stir_from_programs();
+		verbose("Random seed file not found or not valid, ignoring.");
 		return;
 	}
 

-- 
| ``We've all heard that a million monkeys banging on | Damien Miller -
| a million typewriters will eventually reproduce the | <djm at mindrot.org>
| works of Shakespeare. Now, thanks to the Internet,  /
| we know this is not true.'' - Robert Wilensky UCB  / http://www.mindrot.org
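Review bot: the hunk at @@ -601,12 +601,7 @@ drops not only the prng_write_seedfile() call that contains the setuid(original_uid) drop but also the two stir_from_system()/stir_from_programs() calls, so on the no-seed-file path prng_read_seedfile() now returns with only whatever entropy the caller has gathered before it; please confirm that the caller still stirs from the system before the first RAND_bytes() use, or keep the two stir calls in the `+` side. The reworded message ("not found or not valid, ignoring.") is an improvement, since prng_check_seedfile() returns false for both cases; it would also help to add a comment on the `+` line that the seed will be written by the exit path instead, so a reader does not take "ignoring" to mean the file is never created.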