bugzilla-daemon at mindrot.org
2002-Nov-01 15:38 UTC
[Bug 423] New: Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
Summary: Workaround for pw change in privsep mode (3.5.p1)
Product: Portable OpenSSH
Version: 3.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: michael_steffens at hp.com
The attached patch provides a workaround for changing expired
passwords on login with sshd running in privsep mode. It does
so by delegating the the change dialog to a suid helper program.
(Yes, yet another one :)
The patch incorporates the HP-UX trusted system patch by
Dan Wanek, submitted with [BUG 419].
I have tested this patch successfully on
Linux (Debian with libpam0g 0.72-32)
HP-UX 11.00 and 11.11, both trusted and non-trusted mode
Solaris 2.7
It seems to be even a bit more robust than the builtin
change routine for non-privsep mode, which crashes
on trusted systems when using the dialog options
for random generated passwords. (No idea why, unfortunately)
The ssh-chauthtok-helper passed them flawlessly.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Maybe Matching Threads
- [Bug 423] Workaround for pw change in privsep mode (3.5.p1)
- [Bug 423] Workaround for pw change in privsep mode (3.5.p1)
- [Bug 423] Workaround for pw change in privsep mode (3.5.p1)
- [Bug 423] Workaround for pw change in privsep mode (3.5.p1)
- [Bug 423] Workaround for pw change in privsep mode (3.5.p1)
Wisdom of the Ancients
