similar to: [Bug 715] usage of BROKEN_SETREUID/BROKEN_SETREGID considered harmful

Displaying 20 results from an estimated 2000 matches similar to: "[Bug 715] usage of BROKEN_SETREUID/BROKEN_SETREGID considered harmful"

2003 Sep 16
1
OpenSSH 3.7p1, PrivSep, and Tru64 broken (sorry)
Well, I had just finally gotten around to downloading a snapshot to test the latest on Tru64 a couple of days ago but hadn't had a chance to build it yet, and 3.7p1 has now been released. Sigh. The problem is that Tru64 setreuid() and setregid() are broken, so privsep doesn't work. This could also be a security problem for SIA authentication in general (any version of OpenSSH on Tru64,
2004 Aug 25
6
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
The following is special to sshd 3.9p1 under ReliantUnix 5.45. It does not occur under ReliantUnix 5.43 nor under Solaris 5.8: `pwd`/sshd-3.9 -e -D -d -d -d Now connecting from outside [...] debug1: inetd sockets after dupping: 3, 3 debug1: get_port() calls get_sock_port(3) debug1: getpeername failed: Operation not supported on transport endpoint lsof proves FD 3 is an established TCP
2001 Aug 20
4
[PATCH] some patches for Fujitsu-Siemens ReliantUNIX, minor fixes and XXXes
Hi, attached please find some patches for ReliantUNIX. This was tested under Reliant UNIX V5.43C40 with Compiler CDSDEV V2.0C00. Here is what I did: - there is a common misunderstanding how to use /usr/libucb/libucb.a: There are some library functions only in libucb.a under ReliantUNIX, so one needs to bind it. The problem is: there are some other functions in this library you should never
2003 Sep 17
8
[Bug 657] Priv seperation causes setreuid error
http://bugzilla.mindrot.org/show_bug.cgi?id=657 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Priv seperation causes |Priv seperation causes |segfault |setreuid error ------- Additional Comments From dtucker at
2003 Sep 23
5
[Bug 710] ReliantUnix: -ldl missing when libcrypto is a shared object
http://bugzilla.mindrot.org/show_bug.cgi?id=710 Summary: ReliantUnix: -ldl missing when libcrypto is a shared object Product: Portable OpenSSH Version: -current Platform: MIPS OS/Version: other Status: NEW Severity: normal Priority: P3 Component: Build system AssignedTo:
2003 Sep 19
1
configure fixes for Tru64 UNIX V4.0x
1) Testing of uidswap.c on a Tru64 UNIX V4.0G PK4 (BL22) machine shows the following defines to be required for correct uid changing semantics: #define BROKEN_SETREGID 1 #define BROKEN_SETREUID 1 #define SETEUID_BREAKS_SETUID 1 Failure to fix these contributes to breaking privilege separation (in a safe way: connections will fail while UsePrivilegeSeparation=yes, thanks to
2005 Nov 16
3
OpenSSH on NCR MPRAS
Hi folks, I have successfully compiled and run OpenSSH 4.1p1 on NCR MPRAS: $ uname -a UNIX_SV support1 4.0 3.0 3446 Pentium Pro(TM)-EISA/PCI $ However, I have found one pretty critical problem, arising from the way that MPRAS handles changes to the IP stack. Background: To update any of the IP or TCP configuration options, system administrators should use the program "tcpconfig".
2003 Sep 18
0
Darwin notes for openssh-3.7.1p1
I was able to build working openssh-3.7.1p1 on the Darwin-ppc-1.4 , 5.5, and 6.0 platform, by setting the following by hand in config.h. #define SETEUID_BREAKS_SETUID #define BROKEN_SETREUID #define HAVE_SETEUID 1 /* #undef HAVE_SETREUID 1 */ For Darwin-x86-6.6.1, it built with the following. #define SETEUID_BREAKS_SETUID /* #undef BROKEN_SETREUID */ #define HAVE_SETEUID 1 /* #undef
2003 Sep 20
2
[Bug 693] Missing definitions in configure scripts
http://bugzilla.mindrot.org/show_bug.cgi?id=693 Summary: Missing definitions in configure scripts Product: Portable OpenSSH Version: 3.7.1p1 Platform: ix86 OS/Version: other Status: NEW Severity: normal Priority: P4 Component: Build system AssignedTo: openssh-bugs at mindrot.org ReportedBy:
2003 Sep 17
8
[Bug 653] sshd breaks logins after upgrade to 3.7.1p1 (Tru64 UNIX)
http://bugzilla.mindrot.org/show_bug.cgi?id=653 Summary: sshd breaks logins after upgrade to 3.7.1p1 (Tru64 UNIX) Product: Portable OpenSSH Version: 3.7.1p1 Platform: Alpha OS/Version: other Status: NEW Severity: critical Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org
2003 Sep 16
6
sshd 3.7p1 dies on MacOSX
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here's the output from running sshd in debug mode: debug1: sshd version OpenSSH_3.7p1 debug1: private host key: #0 type 0 RSA1 debug1: read PEM private key done: type RSA debug1: private host key: #1 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #2 type 2 DSA debug1: setgroups() failed:
2003 Nov 18
5
Testing of recent commits
There have been a few recent commits to portable OpenSSH that require testing. It would be appreciated if you could grab the 20031118 (or later) snapshot and give it a try on your platforms of choice. Ideally, "giving it a try" means running the regress tests, in addition to casual (non-production) use and reporting your experiences back to the list. The more platforms and compile-time
2004 Aug 17
1
[Bug] LTP: mkdir fail after setreuid
For chdir03 investigation result: The fail is caused by the mkdir fail after setreuid. Key code in the test case: if ((pid =3D fork()) < 0) { tst_brkm(TBROK, cleanup, "first fork failed"); } if (pid =3D=3D 0) { /* first child */ /* set the child's ID to ltpuser1 */ if (setreuid(ltpuser1->pw_uid,
2004 Jan 26
1
patch for linux capabilities
I was wondering if it might be possible for an rsync developer to look over the attached patch (tested on Linux 2.4.24 against the rsync-2.6.0 release), and offer suggestions on how I could improve it. Basically I want to use Linux finer grained capabilities to retain only CAP_SYS_CHROOT & CAP_DAC_READ_SEARCH when rsync drops root privs. That way I can take whole system backups as a (mostly)
2000 Oct 03
1
Various platforms
Hello, I've been compiling OpenSSH up on just about every platform that I can get my hands on. I am not certain of the best way of building my 'fixes' into the source tree, not least of all since I didn't worry about #ifdef's or the configure scripts. However hopefully this will be of use to you. This is all for openssh-2.2.0p1 compiled alongside openssl-0.9.5a and
2003 Sep 17
16
[Bug 659] sshd failure on IRIX
http://bugzilla.mindrot.org/show_bug.cgi?id=659 Summary: sshd failure on IRIX Product: Portable OpenSSH Version: 3.7.1p1 Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: bugzilla-openssh at
2002 Sep 04
2
uid transition and post-auth privsep (WAS Re: possible fundamental problem with tru64 patch) (fwd)
What do we loose by not having post-auth privsep? What code is executed between authorization and actual setting of the effective uid? On Tue, 3 Sep 2002, Chris Adams wrote: > Once upon a time, Toni L. Harbaugh-Blackford <harbaugh at nciaxp.ncifcrf.gov> said: > > It appears that the integration of the sia session setup will either > > have to be rethought or abandoned
2003 Sep 17
3
Use the OpenSSH 3.6 uidswap.c for building 3.7 under IRIX
[resending with uidswap.c instead of uidwrap.c] Once I got past the missing inet_ntoa.h weirdness, I ran into an sshd that died a lot. It appears that IRIX doesn't like some of the extra checks added between 1.23 and 1.24 of uidswap.c. Not sure if that constitutes an IRIX bug or not, but helpfully this helps someone. -- Mail: mjo at dojo.mi.org WWW: http://dojo.mi.org/~mjo/ Phone: +1
2005 Sep 19
1
ssh hangs or gives Segmentation fault
Details of installation attached. Effect: when I build and test (with full path names) ssh in the openssh... directory, everything works fine. When I "install" it as per attached file into a test-directory and run it from there, there are 2 phenomena: either it just hangs, eating 96% of CPU or it dies with a Segmentation fault (this is what happens most often) Help needed
1999 Mar 10
1
Bug in set_effective_uid on AIX 4.1.5 /4.3.2 Samba 2.0.3
Dear samba-Team, The bug reported in PR#12819 for AXI 4.1.5 persits also in samba 2.0.3. The Bug prevents the connecting of other users as root to any share. I have a workaround/fix tested on AIX 4.1.5 ,4.3.2 with gcc 2.8.1 here: Change samba-2.0.3/source/lib/util_sec.c funktion set_effective_uid like this: 155c155 < #elif defined(HAVE_SETREUID) --- > #elif defined(HAVE_SETREUID)