Displaying 20 results from an estimated 2000 matches similar to: "[Bug 715] usage of BROKEN_SETREUID/BROKEN_SETREGID considered harmful"
2003 Sep 16
1
OpenSSH 3.7p1, PrivSep, and Tru64 broken (sorry)
Well, I had just finally gotten around to downloading a snapshot to test
the latest on Tru64 a couple of days ago but hadn't had a chance to
build it yet, and 3.7p1 has now been released. Sigh.
The problem is that Tru64 setreuid() and setregid() are broken, so
privsep doesn't work.
This could also be a security problem for SIA authentication in general
(any version of OpenSSH on Tru64,
2004 Aug 25
6
sshd 3.9p1 under Reliant Unix 5.45: getpeername: Operation not supported on transport endpoint
The following is special to sshd 3.9p1 under ReliantUnix 5.45. It does
not occur under ReliantUnix 5.43 nor under Solaris 5.8:
`pwd`/sshd-3.9 -e -D -d -d -d
Now connecting from outside
[...]
debug1: inetd sockets after dupping: 3, 3
debug1: get_port() calls get_sock_port(3)
debug1: getpeername failed:
Operation not supported on transport endpoint
lsof proves FD 3 is an established TCP
2001 Aug 20
4
[PATCH] some patches for Fujitsu-Siemens ReliantUNIX, minor fixes and XXXes
Hi,
attached please find some patches for ReliantUNIX. This was tested under
Reliant UNIX V5.43C40 with Compiler CDSDEV V2.0C00.
Here is what I did:
- there is a common misunderstanding how to use /usr/libucb/libucb.a:
There are some library functions only in libucb.a under ReliantUNIX, so
one needs to bind it. The problem is: there are some other functions in
this library you should never
2003 Sep 17
8
[Bug 657] Priv seperation causes setreuid error
http://bugzilla.mindrot.org/show_bug.cgi?id=657
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Priv seperation causes |Priv seperation causes
|segfault |setreuid error
------- Additional Comments From dtucker at
2003 Sep 23
5
[Bug 710] ReliantUnix: -ldl missing when libcrypto is a shared object
http://bugzilla.mindrot.org/show_bug.cgi?id=710
Summary: ReliantUnix: -ldl missing when libcrypto is a shared
object
Product: Portable OpenSSH
Version: -current
Platform: MIPS
OS/Version: other
Status: NEW
Severity: normal
Priority: P3
Component: Build system
AssignedTo:
2003 Sep 19
1
configure fixes for Tru64 UNIX V4.0x
1) Testing of uidswap.c on a Tru64 UNIX V4.0G PK4 (BL22) machine shows the
following defines to be required for correct uid changing semantics:
#define BROKEN_SETREGID 1
#define BROKEN_SETREUID 1
#define SETEUID_BREAKS_SETUID 1
Failure to fix these contributes to breaking privilege separation
(in a safe way: connections will fail while UsePrivilegeSeparation=yes,
thanks to
2005 Nov 16
3
OpenSSH on NCR MPRAS
Hi folks,
I have successfully compiled and run OpenSSH 4.1p1 on NCR MPRAS:
$ uname -a
UNIX_SV support1 4.0 3.0 3446 Pentium Pro(TM)-EISA/PCI
$
However, I have found one pretty critical problem, arising from the way
that MPRAS handles changes to the IP stack.
Background:
To update any of the IP or TCP configuration options, system
administrators should use the program "tcpconfig".
2003 Sep 18
0
Darwin notes for openssh-3.7.1p1
I was able to build working openssh-3.7.1p1 on the Darwin-ppc-1.4 , 5.5, and 6.0 platform, by
setting the following by hand in config.h.
#define SETEUID_BREAKS_SETUID
#define BROKEN_SETREUID
#define HAVE_SETEUID 1
/* #undef HAVE_SETREUID 1 */
For Darwin-x86-6.6.1, it built with the following.
#define SETEUID_BREAKS_SETUID
/* #undef BROKEN_SETREUID */
#define HAVE_SETEUID 1
/* #undef
2003 Sep 20
2
[Bug 693] Missing definitions in configure scripts
http://bugzilla.mindrot.org/show_bug.cgi?id=693
Summary: Missing definitions in configure scripts
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: ix86
OS/Version: other
Status: NEW
Severity: normal
Priority: P4
Component: Build system
AssignedTo: openssh-bugs at mindrot.org
ReportedBy:
2003 Sep 17
8
[Bug 653] sshd breaks logins after upgrade to 3.7.1p1 (Tru64 UNIX)
http://bugzilla.mindrot.org/show_bug.cgi?id=653
Summary: sshd breaks logins after upgrade to 3.7.1p1 (Tru64 UNIX)
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: Alpha
OS/Version: other
Status: NEW
Severity: critical
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2003 Sep 16
6
sshd 3.7p1 dies on MacOSX
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Here's the output from running sshd in debug mode:
debug1: sshd version OpenSSH_3.7p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: setgroups() failed:
2003 Nov 18
5
Testing of recent commits
There have been a few recent commits to portable OpenSSH that require
testing. It would be appreciated if you could grab the 20031118 (or
later) snapshot and give it a try on your platforms of choice.
Ideally, "giving it a try" means running the regress tests, in addition
to casual (non-production) use and reporting your experiences back to
the list. The more platforms and compile-time
2004 Aug 17
1
[Bug] LTP: mkdir fail after setreuid
For chdir03 investigation result:
The fail is caused by the mkdir fail after setreuid.
Key code in the test case:
if ((pid =3D fork()) < 0) {
tst_brkm(TBROK, cleanup, "first fork failed");
}
if (pid =3D=3D 0) { /* first child */
/* set the child's ID to ltpuser1 */
if (setreuid(ltpuser1->pw_uid,
2004 Jan 26
1
patch for linux capabilities
I was wondering if it might be possible for an rsync developer to
look over the attached patch (tested on Linux 2.4.24 against the
rsync-2.6.0 release), and offer suggestions on how I could improve it.
Basically I want to use Linux finer grained capabilities to retain
only CAP_SYS_CHROOT & CAP_DAC_READ_SEARCH when rsync drops root
privs. That way I can take whole system backups as a (mostly)
2000 Oct 03
1
Various platforms
Hello,
I've been compiling OpenSSH up on just about every platform that I can
get my hands on. I am not certain of the best way of building my
'fixes' into the source tree, not least of all since I didn't worry about
#ifdef's or the configure scripts. However hopefully this will be of use
to you. This is all for openssh-2.2.0p1 compiled alongside
openssl-0.9.5a and
2003 Sep 17
16
[Bug 659] sshd failure on IRIX
http://bugzilla.mindrot.org/show_bug.cgi?id=659
Summary: sshd failure on IRIX
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: MIPS
OS/Version: IRIX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: bugzilla-openssh at
2016 May 23
0
SelectionDAGISel::Select's API considered harmful
Hans Wennborg <hans at chromium.org> writes:
> Can you put something in the release notes when this happens?
I already updated the release notes in r268693, when I added the void
Select option in the first place :)
> Thanks,
> Hans
>
> On Sat, May 21, 2016 at 10:57 AM, Justin Bogner via llvm-dev
> <llvm-dev at lists.llvm.org> wrote:
>> Update: All in tree
2018 Dec 09
0
"wbinfo -u" considered harmful towards Winbindd...
On Sun, 9 Dec 2018 20:20:00 +0100
Peter Eriksson via samba <samba at lists.samba.org> wrote:
> Our setup:
> Windows AD realm with ~115K users (and numerous groups etc)
> FreeBSD servers with Samba 4.7.6 and Samba 4.9.3 (both show the same
> growth)
>
> We just noticed that one of the ‘winbindd’ daemons on the servers
> seems to be growing and growing forever. A bit of
2016 May 21
0
SelectionDAGISel::Select's API considered harmful
Update: All in tree backends now implement `void Select`. I'll be
removing the SelectImpl path on Monday.
Justin Bogner <mail at justinbogner.com> writes:
> TLDR: Heads up for out of tree backends - you're going to need to update
> your *DAGToDAGISel::Select method to unconditionally replace nodes
> directly instead of returning the desired replacement.
>
> So I'm
2016 May 23
2
SelectionDAGISel::Select's API considered harmful
Can you put something in the release notes when this happens?
Thanks,
Hans
On Sat, May 21, 2016 at 10:57 AM, Justin Bogner via llvm-dev
<llvm-dev at lists.llvm.org> wrote:
> Update: All in tree backends now implement `void Select`. I'll be
> removing the SelectImpl path on Monday.
>
> Justin Bogner <mail at justinbogner.com> writes:
>> TLDR: Heads up for out of