search for: pr_set_no_new_privs

At the risk of beating a dead horse, I'd like to see the chroot security checks relaxed a bit. On newer Linux kernels, there's a prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) that prevents privilege elevation (via setuid binaries, etc) for the caller and all of its descendants. That means that chroot(untrusted directory), prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), setreuid(uid, uid), execve(a shell) is safe [1], even if the user can hardlink setuid programs i...

https://bugzilla.mindrot.org/show_bug.cgi?id=3639 Bug ID: 3639 Summary: server thread aborts during client login after receiving SSH2_MSG_KEXINIT Product: Portable OpenSSH Version: 9.2p1 Hardware: ARM OS: Linux Status: NEW Severity: critical Priority: P5 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=3702 Bug ID: 3702 Summary: sshd fork crashed when compiled with seccomp Product: Portable OpenSSH Version: 9.7p1 Hardware: ARM64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at

...aring seccomp filter sandbox debug2: Network child is on pid 5800 debug3: preauth child monitor started debug3: privsep user:group 22:22 [preauth] debug1: permanently_set_uid: 22/22 [preauth] debug3: ssh_sandbox_child_debugging: installing SIGSYS handler [preauth] debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth] debug3: ssh_sandbox_child: attaching seccomp filter program [preauth] debug3: append_hostkey_type: ssh-rsa key not permitted by HostkeyAlgorithms [preauth] debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] fatal: ssh_sandbox_violation: unexpec...

https://bugzilla.mindrot.org/show_bug.cgi?id=2590 Bug ID: 2590 Summary: Seccomp filter for missing architectures Product: Portable OpenSSH Version: 7.2p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority: P5 Component: sshd

On 30/06/2023 09:56, Damien Miller wrote: > It's very hard to figure out what is happening here without a debug log. > > You can get one by stopping the listening sshd and running it manually > in debug mode, e.g. "/usr/sbin/sshd -ddd" Or starting one in debug mode on a different port, e.g. "-p99 -ddd"

...x04000000 debug2: fd 3 setting O_NONBLOCK debug3: ssh_sandbox_init: preparing seccomp filter sandbox debug2: Network child is on pid 17293 debug3: preauth child monitor started debug3: privsep user:group 39:38 [preauth] debug1: permanently_set_uid: 39/38 [preauth] debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth] debug3: ssh_sandbox_child: attaching seccomp filter program [preauth] debug1: monitor_read_log: child log fd closed debug3: mm_request_receive entering debug1: do_cleanup debug1: Killing privsep child 17293 Adding --with-sandbox=rlimit to the configure options solved the problem so it mu...

...7 11:52:15 TOTO sshd[19126]: debug3: preauth child monitor started Jul 7 11:52:15 TOTO sshd[19126]: debug3: privsep user:group 106:65534 [preauth] Jul 7 11:52:15 TOTO sshd[19126]: debug1: permanently_set_uid: 106/65534 [preauth] Jul 7 11:52:15 TOTO sshd[19126]: debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth] Jul 7 11:52:15 TOTO sshd[19126]: debug3: ssh_sandbox_child: attaching seccomp filter program [preauth] Jul 7 11:52:15 TOTO sshd[19126]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa [preauth] Jul 7 11:52:15 TOTO sshd[19126]: debug3: send packet: type 20 [preauth] Jul 7...