search for: privsep

Displaying 20 results from an estimated 570 matches for "privsep".

2002 Jun 24
4
README.privsep
Hi, This is included in the release now; any feedback? Privilege separation, or privsep, is a method in OpenSSH by which operations that require root privilege are performed by a separate privileged monitor process. Its purpose is to prevent privilege escalation by containing corruption to an unprivileged process. More information is available at: http://www.citi.umich.edu/u/provos/...
2003 Oct 28
2
Privilege separation
Hello! Please consider including the attached patch in the next release. It allows one to drop privilege separation code while building openssh by using '--disable-privsep' switch of configure script. If one doesn't use privilege separation at all, why not simply allow him to drop privilege separation support completely? -- Sincerely Your, Dan. -------------- next part -------------- diff -adurN openssh-3.7.1p2.privsep/Makefile.in openssh-3.7.1p...
2006 May 22
5
[Bug 1189] PAM module hangs root logout
http://bugzilla.mindrot.org/show_bug.cgi?id=1189 wknox at mitre.org changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Stacked PAM modules hang |PAM module hangs root logout |root logout | ------- Comment #12 from wknox at mitre.org 2006-05-22
2002 Jul 02
1
[Bug 329] New: gmake install prefix=... does not work with the privsep-path
http://bugzilla.mindrot.org/show_bug.cgi?id=329 Summary: gmake install prefix=... does not work with the privsep-path Product: Portable OpenSSH Version: -current Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:...
2002 Sep 04
2
uid transition and post-auth privsep (WAS Re: possible fundamental problem with tru64 patch) (fwd)
What do we lose by not having post-auth privsep? What code is executed between authorization and actual setting of the effective uid? On Tue, 3 Sep 2002, Chris Adams wrote: > Once upon a time, Toni L. Harbaugh-Blackford <harbaugh at nciaxp.ncifcrf.gov> said: > > It appears that the integration of the sia session setup will...
2012 Aug 21
5
Call for testing: OpenSSH 6.1
Hi, OpenSSH 6.1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a couple of new features and bug fixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is also available
2004 May 18
2
pam_setcred fails for "USE_POSIX_THREADS + non-root users + PrivSep yes"
...SIX_THREADS in our HP-UX build of OpenSSH. When we connect a non-root user with PAM [pam-kerberos] then I get the following error. debug3: PAM: opening session debug1: PAM: reinitializing credentials PAM: pam_setcred(): Failure setting user credentials This is particularly for non-root users with PrivSep YES. When I connect to a root user with PrivSep YES or to a non-root user with PrivSep NO, then no issues. This is tested on 3.7.1p2 and 3.8.1p1 and two versions behave alike. This is not the case when USE_POSIX_THREADS is disabled and it works for PrivSep yes and no for root and non-root users....
2002 Apr 02
3
PrivSep and portability
Hi, I've seen a few patches related to the PrivSep works. As far as I can see, it seems to work by using a shared memory segment to communicate. I just want to point out that there are some unix systems that do not have mmap() (SCO, older SVR3 systems) or that might have problems with anonymous shared mmap() (don't have an example, but e.g....
2004 Jun 29
0
Debian bug #236814: sshd+PAM: MOTD isn't printed when privsep=no
Hi. If sshd is configured to use PAM and UsePrivilegeSeparation=no or you are logging in as root, any messages returned by PAM session modules are not displayed to the user. (Even when the config file has privsep=yes, logging in as root disables privsep anyway since there's no point, so it behaves the same way as privsep=no). I think I've figured out why: when privsep=no, do_pam_session is called *after* display_loginmsg, so the PAM messages are stored too late to be displayed to the user. O...
2003 Jan 29
1
Privsep question: can the slave's child make monitor calls?
Hi all. I have a question regarding privsep. Firstly, the following is my understanding of what happens when privsep is enabled: The sshd daemon is running as root listening on 22(a). When a connection is accepted, a child is forked to handle the connection, this child becomes the monitor(b). The monitor forks the pre-auth privsep slave(c...
2006 Oct 07
0
[Bug 939] README.privsep incorrectly says openssh does not work on HP-UX with pam+privsep+trusted mode.
http://bugzilla.mindrot.org/show_bug.cgi?id=939 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED ------- Comment #2 from dtucker at zip.com.au 2006-10-07 11:37 ------- Change all RESOLVED bugs to CLOSED with the exception
2002 Apr 18
3
privsep no user fatal message
Hello, I updated the latest snapshot as RPM's to two of my systems. Basic stuff seems to be working ok. Privilege separation failed though, possibly because I didn't populate /var/empty with PAM entries. Privsep might be a bit raw in any case, at least for the portable. FWIW, I came across error message 'sshd: no user' and had to scratch my head a bit to figure out what it meant. I suggest changing the order to be more in sync with other similar code paths. Patch attached. -- Pekka Savola...
2002 Jul 15
10
Patch: Solaris packages don't create privsep user or group
Hi. Solaris packages created by buildpkg.sh don't create privsep user or group and sshd won't start until they are created (or privsep is disabled): ## Executing postinstall script. starting /usr/local/sbin/sshd... Privilege separation user sshd does not exist /etc/init.d/opensshd: Error 255 starting /usr/local/sbin/sshd... bailing. The attached patch (ag...
2006 Jan 08
3
Allow --without-privsep build.
...ap? --- openssh-4.2p1/auth-rhosts.c~ 2005-07-17 08:22:45.000000000 +0100 +++ openssh-4.2p1/auth-rhosts.c 2006-01-07 18:14:32.000000000 +0000 @@ -289,7 +289,9 @@ auth_rhosts2(struct passwd *pw, const ch auth_debug_reset(); ret = auth_rhosts2_raw(pw, client_user, hostname, ipaddr); +#ifdef USE_PRIVSEP if (!use_privsep) +#endif auth_debug_send(); return ret; } --- openssh-4.2p1/auth2.c~ 2005-07-17 08:26:44.000000000 +0100 +++ openssh-4.2p1/auth2.c 2006-01-07 18:52:24.000000000 +0000 @@ -175,8 +175,10 @@ input_userauth_request(int type, u_int32 use_privsep ? " [net]" : &qu...
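Review bot: In the auth_rhosts2() hunk, the `#ifdef USE_PRIVSEP` / `#endif` pair wraps only the `if (!use_privsep)` line, which leaves the condition separated from its body `auth_debug_send();` by a preprocessor directive. That is easy to break in a later edit, and the same wrapping would be needed at every other use of `use_privsep`. Consider defining `use_privsep` as a constant 0 in one header when USE_PRIVSEP is not set, so this call site stays unchanged and the compiler drops the dead branch. The auth2.c hunk is cut off in this excerpt, so it cannot be reviewed from the visible lines.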
2002 Jun 09
3
[Bug 270] PrivSep breaks sshd on AIX for non-root users
http://bugzilla.mindrot.org/show_bug.cgi?id=270 ------- Additional Comments From dtucker at zip.com.au 2002-06-09 19:59 ------- Created an attachment (id=111) sshd output on AIX w/PrivSep ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2002 Jul 15
0
[Bug 354] New: sshd with privsep doesn't do pam session setup properly
http://bugzilla.mindrot.org/show_bug.cgi?id=354 Summary: sshd with privsep doesn't do pam session setup properly Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at m...
2002 Jul 16
3
Solaris privsep and compression.
Has anybody got privsep and compression working together on Solaris 2.6 and 2.5.1? I have no problem getting it working under Solaris 8, but on 2.5.1/2.6 it says: # ./sshd -p 6666 This platform does not support both privilege separation and compression Compression disabled -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~...
2002 Jun 27
1
No TTY prealloc; Tru64 can't do post-auth privsep
Well, after digging around and thinking some more, I'm giving up on the idea of preallocating a TTY to get post-auth privsep working on Tru64. I don't think it will work, because just allocating a TTY doesn't fix the problem - there's no valid way to tie that TTY back to the client process (because it hasn't requested a TTY yet and may not ever do so). The problem is that the Tru64 session setup routines...
2006 May 22
9
[Bug 926] pam_session_close called as user or not at all
http://bugzilla.mindrot.org/show_bug.cgi?id=926 ------- Comment #8 from djm at mindrot.org 2006-05-22 15:12 ------- I don't understand - surely the limits should be applied in the *child* process and not the parent process? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2002 Sep 16
2
privsep versus compression
Hi, I'm unable to get Kerberos4 authentication working with openssh-3.4p1. I'm getting a message that privsep is not available on my platform (Irix 6.5.15) and another message stating that compression and privsep are mutually exclusive. But, ssh decided to turn off compression, I think because of servconf.c. I think it would be more useful to have compression enabled and disable privsep as the encryption...