similar to: [Bug 252] Patch for use of /etc/default/login

Hello, in the BSD Authentication system the login script can request environment variables to be set/unset. The call to auth_close() in auth-passwd.c does change the current environment, but those changes are lost for the child environment. It would be really useful to add some kind of mechanism to get those changes into the child environment. I've added two possible solutions. Both

This is the 1st revision of the Advisory. This document can be found at: http://www.openssh.com/txt/buffer.adv 1. Versions affected: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. It is uncertain whether this error is potentially exploitable, however, we prefer to see bugs fixed proactively. 2. Solution: Upgrade to OpenSSH

I had a problem much like the one that Matthias Koeppe experienced. I would only get the BUS error when running in a YASSP-modified system, though. The binary worked fine on a non-YASSP host. I applied his change to use a long for the mask, and it works now. Cheers, -Thomas __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search

Hi, I'm sure I'll get a few "RTFM", but I hope I'll allay those feelings. I'm getting the "scp: command not found". I've read the FAQ. I've read bugs 42 and 82 in bugzilla. Hopefully, I didn't overlook something. At a minimum, defines.h has : #ifdef USER_PATH # ifdef _PATH_STDPATH # undef _PATH_STDPATH # endif # define _PATH_STDPATH

Hi, below is a patch which simply removes a Cygwin-specific piece of code from OpenSSH. Input from a system admin educated me how useful this option could be on Cygwin as well. However, way back when the call to read_etc_default_login got disabled on Cygwin hardcoded in session.c, rather than just setting --disable-etc-default-login when building the Cygwin version of OpenSSH. So, here's

Dear Sirs, on my Linux (distribution Slackware 3.9), I have installed the ``openssh-1.2.2.tar.gz'' package into the /usr/local/bin directory. In the ``sshd.c'' file, the PATH variable is set up: child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); (line no. 2405). I am unable to connect to my machine using scp. _PATH_STDPATH is

Hi, the following patch changes the Cygwin specific function copy_environment() to not restricting the strlen of a single environment variable to 512 byte. The PAM specific function do_pam_environment() (also in session.c) has the same problem but I don't know if that's important for PAM since only PAM specific environment variables are copied in that function. The below patch fixes

If an ssh server receives a tun/tap tunnel request and sets up the tunnel concerned, as far as I can see there is currently no way for the server to configure the tunnel in a manner dependent upon (e.g) the key used to set up the ssh session. Whilst an id based on the key can be passed to the ssh child process, where the tunnel is dynamically allocated, its tunnel name is lost. This patch

http://bugzilla.mindrot.org/show_bug.cgi?id=1043 Summary: Trusted IRIX Support Product: Portable OpenSSH Version: 4.0p1 Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: josterm at raytheon.com sshd

I am not 100% positive of the security implications of this, but I really can't see any potential for harm. If this patch is applied (I coded it against the now-current openssh-2.2.0p1), then if (a) the authorized_keys entry has command="whatever" to force a specific command, and also (b) the invoker specified some command on their ssh cmdline, then the invoked command will be

http://bugzilla.mindrot.org/show_bug.cgi?id=82 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From djm at mindrot.org 2002-01-26 10:14

Hi All. While wandering in auth-pam.c I noticed that there's a few Portable-specific escapees from the xmalloc(foo * bar) cleanup. There's also a "probably can't happen" integer overflow in ssh-rand-helper.c with the memset: num_cmds = 64; - entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t)); + entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t));

Hi, I'm trying to call the function main passing arbitrary parameters. My code is something like: Please note that MyInterpreter extends Interpreter StringRef filename = argv[1]; std::unique_ptr<Module> m(parseIRFile(filename, error, context)); MyInterpreter * v = new MyInterpreter(std::move(m)); v->finalizeObject(); errs() << "Done\n";

Dear R developer, I am not quite sure, if I should post my concern as a wish to r-bugs at r-project.org. Thus, as recommended, I first send an email to you. My request is the following: I would appreciate, if it was possible to obtain a plot of a 'stepfun' with a strict interpretation of xlim. What I mean: sf <- stepfun(1:4, 1:5) plot(sf, xlim=c(0,10)) does not bound the function to

Hi, I'm a developer of a static analysis tool canalyze. Recently I applied it to Openssh-6.2p1. It seems some reports are real after by manually checking: 1. Use undefined value file: dispatch.c function: dispatch_run At line 93: type = packet_read_poll_seqnr(&seqnr); seqnr may not be override at file: packet.c function: packet_read_poll_seqnr line 1442 where compat20 is 0. 2. Null

gccld passes -shared through if it's generating a shared library, but if you're compiling a program that needs to have its symbols externally accessible, it doesn't pass -export-dynamic through to gcc for the final link. The attached patch fixes this. I've tested with a small test case I sent Chris, and with Python; both seem to work. I also fixed some inaccurate comments in

When virtio-blk device is resized from host (using block_resize from QEMU) emit KOBJ_CHANGE uevent to notify guest about such change. This allows user to have custom udev rules which would take whatever action if such event occurs. As a proof of concept I've created simple udev rule that automatically resize filesystem on virtio-blk device. ACTION=="change", KERNEL=="vd*",

When virtio-blk device is resized from host (using block_resize from QEMU) emit KOBJ_CHANGE uevent to notify guest about such change. This allows user to have custom udev rules which would take whatever action if such event occurs. As a proof of concept I've created simple udev rule that automatically resize filesystem on virtio-blk device. ACTION=="change", KERNEL=="vd*",

Specifying a RemoteForward of 0:example.com:1234 dynamically allocates the listen port on the server, and then reports it to ... the client! Where it is practically useless. Was this someone's idea of a joke? Presumably not--there are some technical obstacles to reporting it to the remote process. I'd like to help solve that problem. The natural way to me would be to extend the syntax

The following patch appears to fix the BUS error received on Solaris 8. This problem manifests as an immediate disconnect with no apparent cause immediately after authentication with the host. --- Darren Tucker <dtucker at zip.com.au> wrote: > Date: Tue, 30 Sep 2003 09:35:26 +1000 > From: Darren Tucker <dtucker at zip.com.au> > Subject: Re: Bus Error with OpenSSH 3.7.1p2 on