Hello, For a key exchange algorithm I'm working on, I would like to keep a little bit of shared state between the main server process and the processes that clients connect to. So far, I'm considering mmap for the purpose. But I cannot figure out where I need to put the mmap initialization call, where it would be called at server startup (before any fork()s/exec()s), and never again. Could someone please briefly explain how OpenSSH manages its various processes - such as when processes are created and where in the code that happens? Thanks in advance! Georgi -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080701/ec34b470/attachment.bin
Georgi Chulkov wrote:> Hello, > > For a key exchange algorithm I'm working on, I would like to keep a little bit > of shared state between the main server process and the processes that > clients connect to. So far, I'm considering mmap for the purpose. > > But I cannot figure out where I need to put the mmap initialization call, > where it would be called at server startup (before any fork()s/exec()s), and > never again. > > Could someone please briefly explain how OpenSSH manages its various > processes - such as when processes are created and where in the code that > happens?Try Neils Provos' paper on privsep: http://www.citi.umich.edu/u/provos/ssh/privsep.html If you still have questions after reading that, then please feel free to ask here. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Hello again, I have noticed that when a connection is made to the main sshd process, it first forks, and then execv()s itself, thur restarting itself completely. What is the reason for the execv()? My other concern is that I would like to have some global state inherited from the main sshd process to all forked processes, which is however sensitive data. Is it safe to pass it as a command-line argument during the execv() call? Thanks. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080704/9b439588/attachment.bin
Georgi Chulkov wrote:> Hello again, > > I have noticed that when a connection is made to the main sshd process, it > first forks, and then execv()s itself, thur restarting itself completely. > What is the reason for the execv()?Some security measures, in particular address space layout randomization, are only applied at exec time. Doing this means that each connection gets a unique layout rather than a clone of the original sshd. See: http://www.openbsd.org/papers/openssh-measures-asiabsdcon2007.pdf http://www.openbsd.org/papers/ven05-deraadt/index.html> My other concern is that I would like to have some global state inherited from > the main sshd process to all forked processes, which is however sensitive > data. Is it safe to pass it as a command-line argument during the execv() > call?No, command line arguments are visible to all users on many systems. See sshd.c:send_rexec_state() for how sshd sends some state to the new copy (via a pipe). -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.