similar to: relaxing access rights verifications

Ok, for those running NeXT and other platforms with broken/missing _POSIX_SAVED_ID please try this patch, and anyone that has spent any amount of time dealing with this problem. I believe it's right. BTW, this patch is no where near as big as it looks. The patch was done against an earily version of the tree which had an issue with white space. - Ben --- ../openssh/uidswap.c Sun Apr 22

Hi there, everyone; I've had a few requests for an updated version of my chroot patch. (the version found in contrib is outdated) So, here it goes, updated to 2.3.0p1; "chroot.diff" is a plain diff for session.c (apply, compile and go). "chroot+configure.diff" is the same patch, plus an option to "configure" for enabling/disabling chroot support (./configure

http://bugzilla.mindrot.org/show_bug.cgi?id=779 Summary: Chroot environment for sftp client crazy Product: Portable OpenSSH Version: 3.7.1p2 Platform: Other URL: http://aixpanish.com OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo:

Using OpenSSH SFTP with chroot ============================== Several people have been asking now for some kind of documentation on how to use the chroot-patch for the sftp-server. So here it comes. I hope nobody minds that i post this in the developer list. The patch has been provided to the list some time ago. I'm sorry not giving credit to the author, but I really don't know who

This is the patch part of contrib/chroot.diff updated to be appliable against openssh-2.9p2. Tested on FreeBSD (various 3.x and 4.x) without PAM or UseLogin. Also, as part of deployment (replacing emergency-withdrawal of Telnet access) I've chosen to get sftp on the relevant boxes. The deployment had a scriptlet doing the config/make/etc and after the "make install" would change

http://bugzilla.mindrot.org/show_bug.cgi?id=374 Summary: uidswap.c doesn't compile on SCO 3.2v4.2 Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

Howdy folks, The chroot patch in the contrib directory had gotten stale and didn't apply cleanly, so I've updated it... The attached patch works fine with 3.0p1. Is there any reason this patch stays in the contrib directory rather than being applied to the source? I find it incredibly useful. Thanks for your hard work on OpenSSH! Bret PS: Please cc me with any responses as I'm

openssh-2.9.9p2 assumes that pid_t, uid_t, gid_t, and mode_t are no wider than int. GCC complains about this assumption on 32-bit Solaris 8 sparc, where these types are 'long', not 'int'. This isn't an actual problem at runtime on this host, as long and int are the same width, but it is a problem on other hosts where pid_t is wider than int. E.g., I've heard that 64-bit

Hello Porters, I've finally (thanks to Wendy Palm of Cray) ported OpenSSH to Dynix v4.4.4. I had to make sure that "UseLogin" was set to "no" in the sshd_config file. Also, here are the old-style contextual diffs (obtained with 'diff -c' on the Dynix box) of the two files I had to change: *** configure Sat Jun 16 17:09:50 2001 --- configure.new Mon Oct 8

Hello Porters, I am attempting to compile OpenSSH 2.9.9p2 on a Dynix V4.4.4 host. I have set USE_PIPES and BROKEN_SAVED_UIDS (the latter because there are no functions for set{eu,eg}id() that I can find). I configured with "./configure '--with-libs=-lnsl -lsec'". Each time I attempt to login, I get this error: No utmp entry. You must exec "login" from

Hi there, everybody; As promised, here's the new version for my chroot patch. It applies cleanly over OpenSSH 2.1.1p4, and I'm attaching 2 versions: - openssh-2.1.1p4-chroot.patch-wc, is the chroot patch plus a "--with-chroot" patch for the "configure" script. - openssh-2.1.1p4-chroot.patch, is the same without the "--with-chroot" part. Have fun,

Here's a unified diff, proposed by Christos Zoulas (with a little reworking to get the configure.in part a bit cleaner). The main target of the patches are NetBSD compatability, although there are some changes making if (pointer X) into if (X != NULL) as well. Christos also proposed a change to Makefile.in, but I'll send that as a seperate mail. Thanks, David Index: configure.in

I am enclosing a context diff of the changes that I made to get openssh working on UWIN. UWIN is a UNIX operating system layer that runs on Win32 systems. For more information on UWIN go to http://www.research.att.com/sw/tools/uwin/. I also ran configure using -with-cppflags=-D_BSDCOMP=2. I don't know where that information would go with the source code. Let me know if you need more

Hi, the below patch drops another test for uid 0 on Cygwin. It's embarassing that I never found it. Actually temporarily_use_uid never worked on Cygwin due to that. So far that had no influence, but now that we have activated another feature which makes Cygwin more POSIX-like, somebody on the Cygwin list found that agent forwarding didn't work anymore. The reason is that due to the

Hi, the following patches are in the NetBSD packages collection to get OpenSSH 1.2.2 going. Changes: * /dev/urandom may be there but not in the kernel - make sure * Pull in some more headers needed by configure * Add proper ld-flags for ELF platforms * Some code cleanup * Install example files always to a different dir, and use out build system to DTRT WRT getting them to /etc.

Hi there, everyone; Attached to this mail is the 2.2.0p1 version of my chroot patch. For those of you interested, my usual warning: This is NOT plug&pray. You'll have to build a whole binaries/libs/conf files tree within the new root. (it's just like the "classic" anonymous ftp behaviour) Configure with "configure --with-chroot" to use. Regards; RC --

Howdy list, I can't seem to find any doc's explaining what's really going on behind this scenario: A user home directory had been reset to : d--- --- --- user group user_dir As root i tried to : chmod -R 750 user_dir got permission denied, my friend tried with as user that owns the directory to: chmod -R 750 user_dir and voila it works. My question is how come did it work,

Below I've includes a patch which helps build OpenSSH outside from a read-only source tree, find OpenSSL on Mac OS X, and fix a typo. This applies to OpenSSH 2.1.1p4. You should already have gotten a note from Melissa O'Neil about a conflict with the crc32() symbol in zlib, which was causing a crash on Darwin. I've noticed another bug. If ssh is setuid, I get a permission

I'm working on setting up a semi-trusted sftp service, and to get it working, I need chroot capability. I've taken the /./ wuftpd magic token code from contrib/chroot.diff and put it into the sftp server. The main problem is that privileges have been dropped by the time the subsystem is exec'ed, so my patch requires that sftp-server be setuid root. Not ideal, I know, but I drop all

This patch was generated using the Coccinelle scripts and btrfs code in v2.6.36-9657-g7a3f8fe. Use ERR_CAST inlined function instead of ERR_PTR(PTR_ERR(...)) The semantic patch that makes this change is available in scripts/coccinelle/api/err_cast.cocci. More information about semantic patching is available at http://coccinelle.lip6.fr/ Signed-off-by: Chris Samuel