similar to: [Bug 715] usage of BROKEN_SETREUID/BROKEN_SETREGID considered harmful

Well, I had just finally gotten around to downloading a snapshot to test the latest on Tru64 a couple of days ago but hadn't had a chance to build it yet, and 3.7p1 has now been released. Sigh. The problem is that Tru64 setreuid() and setregid() are broken, so privsep doesn't work. This could also be a security problem for SIA authentication in general (any version of OpenSSH on Tru64,

The following is special to sshd 3.9p1 under ReliantUnix 5.45. It does not occur under ReliantUnix 5.43 nor under Solaris 5.8: `pwd`/sshd-3.9 -e -D -d -d -d Now connecting from outside [...] debug1: inetd sockets after dupping: 3, 3 debug1: get_port() calls get_sock_port(3) debug1: getpeername failed: Operation not supported on transport endpoint lsof proves FD 3 is an established TCP

Hi, attached please find some patches for ReliantUNIX. This was tested under Reliant UNIX V5.43C40 with Compiler CDSDEV V2.0C00. Here is what I did: - there is a common misunderstanding how to use /usr/libucb/libucb.a: There are some library functions only in libucb.a under ReliantUNIX, so one needs to bind it. The problem is: there are some other functions in this library you should never

http://bugzilla.mindrot.org/show_bug.cgi?id=657 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Priv seperation causes |Priv seperation causes |segfault |setreuid error ------- Additional Comments From dtucker at

http://bugzilla.mindrot.org/show_bug.cgi?id=710 Summary: ReliantUnix: -ldl missing when libcrypto is a shared object Product: Portable OpenSSH Version: -current Platform: MIPS OS/Version: other Status: NEW Severity: normal Priority: P3 Component: Build system AssignedTo:

1) Testing of uidswap.c on a Tru64 UNIX V4.0G PK4 (BL22) machine shows the following defines to be required for correct uid changing semantics: #define BROKEN_SETREGID 1 #define BROKEN_SETREUID 1 #define SETEUID_BREAKS_SETUID 1 Failure to fix these contributes to breaking privilege separation (in a safe way: connections will fail while UsePrivilegeSeparation=yes, thanks to

Hi folks, I have successfully compiled and run OpenSSH 4.1p1 on NCR MPRAS: $ uname -a UNIX_SV support1 4.0 3.0 3446 Pentium Pro(TM)-EISA/PCI $ However, I have found one pretty critical problem, arising from the way that MPRAS handles changes to the IP stack. Background: To update any of the IP or TCP configuration options, system administrators should use the program "tcpconfig".

I was able to build working openssh-3.7.1p1 on the Darwin-ppc-1.4 , 5.5, and 6.0 platform, by setting the following by hand in config.h. #define SETEUID_BREAKS_SETUID #define BROKEN_SETREUID #define HAVE_SETEUID 1 /* #undef HAVE_SETREUID 1 */ For Darwin-x86-6.6.1, it built with the following. #define SETEUID_BREAKS_SETUID /* #undef BROKEN_SETREUID */ #define HAVE_SETEUID 1 /* #undef

http://bugzilla.mindrot.org/show_bug.cgi?id=693 Summary: Missing definitions in configure scripts Product: Portable OpenSSH Version: 3.7.1p1 Platform: ix86 OS/Version: other Status: NEW Severity: normal Priority: P4 Component: Build system AssignedTo: openssh-bugs at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=653 Summary: sshd breaks logins after upgrade to 3.7.1p1 (Tru64 UNIX) Product: Portable OpenSSH Version: 3.7.1p1 Platform: Alpha OS/Version: other Status: NEW Severity: critical Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here's the output from running sshd in debug mode: debug1: sshd version OpenSSH_3.7p1 debug1: private host key: #0 type 0 RSA1 debug1: read PEM private key done: type RSA debug1: private host key: #1 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #2 type 2 DSA debug1: setgroups() failed:

There have been a few recent commits to portable OpenSSH that require testing. It would be appreciated if you could grab the 20031118 (or later) snapshot and give it a try on your platforms of choice. Ideally, "giving it a try" means running the regress tests, in addition to casual (non-production) use and reporting your experiences back to the list. The more platforms and compile-time

For chdir03 investigation result: The fail is caused by the mkdir fail after setreuid. Key code in the test case: if ((pid =3D fork()) < 0) { tst_brkm(TBROK, cleanup, "first fork failed"); } if (pid =3D=3D 0) { /* first child */ /* set the child's ID to ltpuser1 */ if (setreuid(ltpuser1->pw_uid,

I was wondering if it might be possible for an rsync developer to look over the attached patch (tested on Linux 2.4.24 against the rsync-2.6.0 release), and offer suggestions on how I could improve it. Basically I want to use Linux finer grained capabilities to retain only CAP_SYS_CHROOT & CAP_DAC_READ_SEARCH when rsync drops root privs. That way I can take whole system backups as a (mostly)

Hello, I've been compiling OpenSSH up on just about every platform that I can get my hands on. I am not certain of the best way of building my 'fixes' into the source tree, not least of all since I didn't worry about #ifdef's or the configure scripts. However hopefully this will be of use to you. This is all for openssh-2.2.0p1 compiled alongside openssl-0.9.5a and

http://bugzilla.mindrot.org/show_bug.cgi?id=659 Summary: sshd failure on IRIX Product: Portable OpenSSH Version: 3.7.1p1 Platform: MIPS OS/Version: IRIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: bugzilla-openssh at

Hans Wennborg <hans at chromium.org> writes: > Can you put something in the release notes when this happens? I already updated the release notes in r268693, when I added the void Select option in the first place :) > Thanks, > Hans > > On Sat, May 21, 2016 at 10:57 AM, Justin Bogner via llvm-dev > <llvm-dev at lists.llvm.org> wrote: >> Update: All in tree

On Sun, 9 Dec 2018 20:20:00 +0100 Peter Eriksson via samba <samba at lists.samba.org> wrote: > Our setup: > Windows AD realm with ~115K users (and numerous groups etc) > FreeBSD servers with Samba 4.7.6 and Samba 4.9.3 (both show the same > growth) > > We just noticed that one of the ‘winbindd’ daemons on the servers > seems to be growing and growing forever. A bit of

Update: All in tree backends now implement `void Select`. I'll be removing the SelectImpl path on Monday. Justin Bogner <mail at justinbogner.com> writes: > TLDR: Heads up for out of tree backends - you're going to need to update > your *DAGToDAGISel::Select method to unconditionally replace nodes > directly instead of returning the desired replacement. > > So I'm

Can you put something in the release notes when this happens? Thanks, Hans On Sat, May 21, 2016 at 10:57 AM, Justin Bogner via llvm-dev <llvm-dev at lists.llvm.org> wrote: > Update: All in tree backends now implement `void Select`. I'll be > removing the SelectImpl path on Monday. > > Justin Bogner <mail at justinbogner.com> writes: >> TLDR: Heads up for out of