search for: broken_fd_passing

...expired, etc. The interactive cases obviously don't work on non-TTY logins right now, but I don't want to break them for the TTY cases too where they currently work. Just add Tru64 to the set of platforms that can't do post-auth privsep (I still don't think it should be flagged as BROKEN_FD_PASSING because FD passing does work on Tru64, but whatever). -- Chris Adams <cmadams at hiwaay.net> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.

...-p -r1.73 configure.ac --- configure.ac 28 Jun 2002 00:37:33 -0000 1.73 +++ configure.ac 4 Jul 2002 09:13:30 -0000 @@ -86,6 +86,7 @@ case "$host" in AC_DEFINE(IPV4_DEFAULT) AC_DEFINE(IP_TOS_IS_BROKEN) AC_DEFINE(NO_X11_UNIX_SOCKETS) + AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) AC_DEFINE(BROKEN_FD_PASSING) AC_DEFINE(SETGROUPS_NOOP) ;; Index: readconf.c =================================================================== RCS file: /cvs/openssh_cvs/readconf.c,v retrieving revision 1.75 diff -u -p -r1.75 readconf.c --- readconf.c 21 Jun 2002 00:41:52 -0000 1.75 +++ readconf.c 4 Jul 2002 09:13:31 -00...

On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that

On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt <deraadt at cvs.openbsd.org> > Subject: Upcoming OpenSSH vulnerability > To: bugtraq at securityfocus.com > Cc: announce at openbsd.org > Cc: dsi at iss.net > Cc: misc at openbsd.org > > There is an upcoming OpenSSH vulnerability that

http://www.eviladmin.org/~mouring/openssh.tar.gz If there are any issues that are not marked as known. Let us know ASAP. - Ben

...8,9 @@ /* Define if you have the `mmap' function that supports MAP_ANON|SHARED */ #undef HAVE_MMAP_ANON_SHARED +/* Define if mmap of /dev/zero gives an anonymous memory region. */ +#undef HAVE_MMAP_DEV_ZERO + /* Define if sendmsg()/recvmsg() has problems passing file descriptors */ #undef BROKEN_FD_PASSING --- ./servconf.c Mon Jun 24 23:22:04 2002 +++ ../openssh-3.4p1/./servconf.c Wed Jun 26 17:54:55 2002 @@ -257,7 +257,7 @@ if (use_privsep == -1) use_privsep = 1; -#if !defined(HAVE_MMAP_ANON_SHARED) +#if !defined(HAVE_MMAP_ANON_SHARED) && !defined(HAVE_MMAP_DEV_ZERO) if (use_privs...

Outside the pre-auth patch by Markus to fix Cygwin and a few other platforms. SEND ME (privately) ANY required patch against the lastest snapshot. I'm doing the final commits this evening. Patches that have been temporary rejected for this release. - Owl's full patch for SysV Shm if mmap fails - mmap() on /dev/zero - mmap() on sparse file .. Not looked at the BSD/OS 5.0 patch

...ne, but I'm still running into problems with the SIA session > > > > > not accepting the sia session establish command. > > > > > > > > > > You can gain pre-authenation privsep security by setting > > > > > 'BROKEN_FD_PASSING' in config.h and recompiling. This will do privillege > > > > > seperation up through the login screen, but it will then revert back to > > > > > standard way of handling SSH sessions afterwards (single process). > > > > > > &...

http://bugzilla.mindrot.org/show_bug.cgi?id=296 ------- Additional Comments From bugzilla-openssh at thewrittenword.com 2002-06-26 01:20 ------- Are you sure? I have 3.3p1 running on 4.0D and 5.1 and I can connect as non-root. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.