Displaying 20 results from an estimated 20000 matches similar to: "0.99.14-rc2"
2007 Apr 24
2
chmod sftp command and setgid/setuid bit
Hi OpenSSH developers,
I'm using OpenSSH on a daily basis and I'm very pleased
with the work you've done.
I am contributing to some Open Source software hosted at Savannah
https://savannah.nongnu.org/projects/tsp
and we recently hit some sftp unexpected behavior:
https://savannah.gnu.org/support/?105838
when using chmod sftp client command
it appears that setuid / setgid bits are
2005 Jul 06
1
setuid/setgid bits
version: rsync v2.6.1 (+ a minor, unrelated patch).
I'm rsyncing files (not as root) and am happy (indeed, for what I
want, delighted) that the files at the target side end up owned by the
account doing the rsync.
However, I've found that if I have a setuid/setgid file on the source
side, the target file ends up setuid/setgid too (but under a different
id!). This happens whether
2001 Oct 08
2
Porting OpenSSH 2.9.9p2 to Dynix V4.4.4
Hello Porters,
I am attempting to compile OpenSSH 2.9.9p2 on a Dynix V4.4.4 host.
I have set USE_PIPES and BROKEN_SAVED_UIDS (the latter because there are
no functions for set{eu,eg}id() that I can find). I configured with
"./configure '--with-libs=-lnsl -lsec'".
Each time I attempt to login, I get this error:
No utmp entry. You must exec "login" from
2001 Dec 20
3
OpenSSH-sparc-3.0.2p1.pkg: /usr/local conflicting file
Hi,
Trying to install the Solaris package I made after configure/compilation
under Solaris 8.
My configure settings
---------------------
OpenSSH has been configured with the following options:
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /usr/local/etc
Askpass program: /usr/local/libexec/ssh-askpass
2011 Apr 21
7
[Bug 1893] New: change ssh-keisign to setgid from setuid
https://bugzilla.mindrot.org/show_bug.cgi?id=1893
Summary: change ssh-keisign to setgid from setuid
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: unassigned-bugs at mindrot.org
2002 Mar 12
2
Patch: --drop-suid Remove suid/sgid from target files
The attached patch adds an option --drop-suid which caused rsync to drop
setuid/setgid permissions from the destination files.
ie, even if the source file is setuid, the target file will not be.
Added as we want to rsync the same files to machines both inside and outside
our firewalls. For machines inside the firewall some files should be suid,
for machines outside the firewalls they should
2017 Feb 13
0
[cifs-utils PATCH] cifs.upcall: switch group IDs when handling an upcall
Currently, we leave the group ID alone, but now that we're looking at
KRB5CCNAME, we need to be a little more careful with credentials. After
we get the uid, do a getpwuid and grab the default gid for the user.
Then use setgid to set it before calling setuid.
Signed-off-by: Jeff Layton <jlayton at samba.org>
---
cifs.upcall.c | 37 +++++++++++++++++++++++++++++++++++++
1 file changed,
1997 Feb 24
1
libX11
###### ## ## ######
## ### ## ##
###### ## # ## ##
## ## ### ##
###### . ## ## . ######.
Secure Networks Inc.
Security Advisory
February 24, 1997
2019 Jan 02
0
Several problems on Solaris10
On Tue, Jan 1, 2019 at 7:26 PM Sami Ketola <Sami.Ketola at open-xchange.com>
wrote:
> Believe me it does. I used to work for Sun Microsystems for 14 years in
> Solaris support and sustaining and I can guarantee you that it does.
>
> You problem is that Solaris has concept of Secure Runtime Linker, and for
> trusted applications most of LD_CONFIG and LD_LIBRARY_PATH is ignored
2004 Feb 10
1
applying permissions to subdirectories using setgid doesn't do th e trick... :(
Dear list.
I have a problem that I cannot seem to get rid of.
I have a directory/share (on linux) called "smb" containing four
subdirectories. This directory will be 'exported' using samba.I would like
to have different permissions on the different subdirectories. This works,
except for this one directory (called temp) that I want to be read/write for
everybody.
Using force
2001 Apr 25
0
NeXT // Broken _POSIX_SAVED_ID patch
Ok, for those running NeXT and other platforms with broken/missing
_POSIX_SAVED_ID please try this patch, and anyone that has spent any
amount of time dealing with this problem.
I believe it's right.
BTW, this patch is no where near as big as it looks. The patch was
done against an earily version of the tree which had an issue with
white space.
- Ben
--- ../openssh/uidswap.c Sun Apr 22
2001 Oct 08
1
Ported OpenSSH 2.9.9p2 to Dynix
Hello Porters,
I've finally (thanks to Wendy Palm of Cray) ported OpenSSH to
Dynix v4.4.4. I had to make sure that "UseLogin" was set to "no" in the
sshd_config file. Also, here are the old-style contextual diffs (obtained
with 'diff -c' on the Dynix box) of the two files I had to change:
*** configure Sat Jun 16 17:09:50 2001
--- configure.new Mon Oct 8
2001 May 04
1
RSARhosts / Hostbased auth and euid=0 requirement
I'm not happy with ssh being setuid root. I know that the long-term goal is
to have a seperate host-key-management process, but that is a ways off.
Until then, I'd like to propose the following:
- Allow ssh to read alternate key files.
This would allow the ssh client to use keyfiles different from the ones
sshd uses. I know that this can be done now by changing the ones sshd uses,
1998 Feb 03
0
serious security problem in XKB
The Neverending Story of X11 Insecurity continues...
Summary:
On a system where X11R6.3-based Xserver with XKEYBOARD extension (R6.1 is
probably affected too) is run in setuid or setgid enviroment (e.g. typical
XFree86 installation has XF86_* installed setuid root), local users can
exploit a "feature" of XKB implementation to execute arbitrary commands
with the extra privileges.
2009 Aug 02
0
Disable networking
I saw the notes about blocking networking on the advanced wine user information wiki (http://wiki.jswindle.com/index.php/Advanced_Wine_User_Information#Blocking_Network_access_to_Software_running_on_Wine) and I thought I'd try to come up with something a bit easier than running the application as a particular user:
(add the "nonet" group)
Code:
# groupadd nonet
(setup the
2008 Feb 03
1
Chrooted R + Rserve
I successfully chrooted R running Rserve with an unprivileged user,
and thought I'd publish the process.
Attached is a jailkit.ini for use with jailkit;* and a chroot/setuid
wrapper, chwrap.c.
To set up the chroot in, for instance, /var/R; perform:
mkdir -v /var/R
jk_init -v -c jailkit.ini -j /var/R R
then create the unprivileged user `r':
useradd r
After compiling chwrap
2007 Feb 08
1
deliver LDA permission problem
Hello,
I'm trying to get deliver LDA working with postfix in a virtual domain
configuration.
I'm using dovecot v1.0.rc10. My setup is pretty much exactly as in the wiki
(only the path to deliver and auth-master socket are different).
I'm having a little problem with permissions and this occurred which I think is
undesirable:
syslog:
Feb 8 13:09:35
2001 Nov 20
2
rsync server over SSH [includes code patches]
Hi Folks --
I've recently had the need to add a piece of functionality to rsync
that allows one to run 'rsync --daemon' (rsync in "rsync server" mode)
over SSH. My main goal was to be able to use some of the features
from rsyncd.conf(5) (notably modules) while still using SSH for
authentication and network transport.
Background: I wanted to have the capability of setting
2002 Mar 07
0
[Bug 136] New: setgid() deemed to fail for non-suid ssh client on linux if using other than primary group
http://bugzilla.mindrot.org/show_bug.cgi?id=136
Summary: setgid() deemed to fail for non-suid ssh client on linux
if using other than primary group
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
2019 Feb 11
2
sshd and pam_winbind (Samba)
Hello openssh developers,
long time no see :-)
there is a bug in sshd with *nix machines joined to Active Directory using
Samba's winbind daemon.
The problem is that with cold caches, a user logging in via ssh gets possibly
the wrong primary gid assigned. Let me try to explain in detail:
In Active Directory (AD) you only get a correct access token (group
memberships of a user) during