similar to: Question on function order

Displaying 20 results from an estimated 50000 matches similar to: "Question on function order"

2002 Jun 25
3
BSD/OS with privsep
I need this for BSD/OS 4.2 + privsep perhaps we should not call do_setusercontext() after chroot(). --- sshd.c.orig Fri Jun 21 03:09:47 2002 +++ sshd.c Tue Jun 25 13:11:03 2002 @@ -548,21 +548,35 @@ /* Change our root directory*/ if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, strerror(errno)); if
2003 Dec 26
1
[Bug 779] Chroot environment for sftp client crazy
http://bugzilla.mindrot.org/show_bug.cgi?id=779 Summary: Chroot environment for sftp client crazy Product: Portable OpenSSH Version: 3.7.1p2 Platform: Other URL: http://aixpanish.com OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo:
2009 Mar 02
0
About setpcred() and chroot()
Hi, I need to use sftp-only accounts, chroot()ed in their home dirs, on AIX 5.3 with OpenSSH_5.2p1. But there is a problem with the chroot() call. In the do_setusercontext() function, chroot() is called after the setpcred() (only AIX is concerned by the setpcred() call), so privileges are already dropped when chroot() is called. When not calling setpcred(), the chroot() does not fail and the
2002 Jun 26
5
[PATCH] improved chroot handling
There are a couple of niggles with the sandboxing of the unprivileged child in the privsep code: the empty directory causes namespace pollution, and it requires care to ensure that it is set up properly and remains set up properly. The patch below (against the portable OpenSSH, although the patch against the OpenBSD version is very similar) replaces the fixed empty directory with one that is
2002 Aug 01
1
[Bug 375] New: sshd core dumping with msg "Cannot delete credentials"
http://bugzilla.mindrot.org/show_bug.cgi?id=375 Summary: sshd core dumping with msg "Cannot delete credentials" Product: Portable OpenSSH Version: 3.1p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org
2004 May 04
3
Error with USE_POSIX_THREADS and OpenSSH-3.8p1
Hello, I am using OpenSSH-3.8p1 on HP-UX machine with USE_POSIX_THREADS option. This is for making the kerberos credentials file to be created in the system with PAM. In OpenSSH versions 3.5 when authentication is done with pam kerberos, a /tmp/krb5cc_X_Y file is created on the server side. But the KRB5CCNAME variable is not set by default. So, after we manually set this environment variable, the
2002 Jun 24
4
README.privsep
Hi, This is included in the release now; any feedback? Privilege separation, or privsep, is method in OpenSSH by which operations that require root privilege are performed by a separate privileged monitor process. Its purpose is to prevent privilege escalation by containing corruption to an unprivileged process. More information is available at:
2002 Nov 05
2
[PATCH] Add a chroot_users option to sshd
This patch adds a new option to sshd, chroot_users. It has the effect of chroot()ing incoming ssh users to their home directory. Note: this option does not work if UsePrivilegeSeparation is enabled. Patch is based on OpenSSH 3.4p1. *** servconf.h@@\main\1 Tue Oct 1 17:25:32 2002 --- servconf.h Wed Oct 2 06:17:48 2002 *************** *** 131,136 **** --- 131,137 ---- char
2008 May 25
1
OpenSSH + chroot + SELinux = broke
Hello, First, a big thank you to the OpenSSH devs. _ /Problem Summary:/ _ Chroot and SELinux don't get along. This affects both the new (official) ChrootDirectory feature, as well as the older (3rd party) patch at http://chrootssh.sourceforge.net/. _ /History and repro:/ _ On March 21, 2008, Alexandre Rossi posted to this list with the subject: "*ChrootDirectory
2008 Sep 23
3
[Bug 1527] New: ForceCommand internal-sftp needs a way to enable logging
https://bugzilla.mindrot.org/show_bug.cgi?id=1527 Summary: ForceCommand internal-sftp needs a way to enable logging Product: Portable OpenSSH Version: 5.1p1 Platform: Itanium2 OS/Version: HP-UX Status: NEW Severity: minor Priority: P4 Component: sftp-server AssignedTo:
2006 Sep 11
1
error in rsync protocol data stream (code 12) at io.c(463) on HP-UX 11.23
Hello, We discovered a slight problem with rsync 2.6.8 on HP-UX 11.23 on Itanium2. When trying to get a directory listing via: # oracle@DEV1[]:/~ > rsync dev1::deploy drwxr-xr-x 96 2006/09/06 12:57:36 . drwxrwxrwx 96 2006/09/11 15:35:33 test # ... it works flawlessly, but when trying to get a subdirectory we get the following error: # DEV1:/etc# rsync dev1::deploy/test #
2001 Jun 20
8
[Lutz.Jaenicke@aet.TU-Cottbus.DE: 2.9p1: HP-UX 10.20 utmp/wtmp handling broken?]
Hi! I am resending the following message about problems with utmp handling. * In the meantime I had some request in private mail from people asking whether I have new information. * The problem is still persistant in 2.9p2. * My own new investigations show, that the problem only appears with protocol 2, not with protocol 1, I therefore only started to note it when protocol 2 became the
2012 Mar 06
6
openssh static build - mission impossible?
I am trying to build a static version of ssh, sshd and sftp, but after banging my head against the wall for the best part of the last 3 days I am about to give up... Since I plan to use this on an embedded device (building dropbear is *NOT* an option!), I've excluded as many openssh configure options as I can but, ultimately, failed. This is my setup: export LDFLAGS=' -pie -z relro -z
2002 Jul 04
4
Chroot patch (v3.4p1)
The following is a patch I've been working on to support a "ChrootUser" option in the sshd_config file. I was looking for a way to offer sftp access and at the same time restict interactive shell access. This patch is a necessary first step (IMO). It applies clean with 'patch -l'. Also attached is a shell script that helps to build a chrooted home dir on a RedHat 7.2
2014 Feb 03
1
OpenSSH 6.5 on HP-UX 10.20
Hi, just a minor bugreport. OpenSSH 6.5 needs a fix to compile on HP-UX 10.20. On HP-UX 10.20, ntohs is not defined in "netinet/in.h" but in "arpa/inet.h". readconf.c misses the required additional #include <arpa/inet.h>: $ diff -c readconf.c readconf.c_new *** readconf.c Fri Jan 17 14:03:57 2014 --- readconf.c_new Mon Feb 3 01:18:29 2014 *************** ***
2009 Mar 06
20
[Bug 1567] New: Insufficient privileges to chroot() on AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1567 Summary: Insufficient privileges to chroot() on AIX Product: Portable OpenSSH Version: 5.2p1 Platform: PPC OS/Version: AIX Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: bana
2006 Apr 27
0
bug in OpenSSH_4.3p2: pam_open_session() called but not close for root users
For root sessions pam_open_session is called, but not pam_close_session. sshd behavior is broken for root logins because if pam session is run from the child, close is never called due to exec: on open since use_privsep is not set, parent calls do_exec_pty(), which does not open session. then, it skips calling do_setusercontext(), so it does not open session. child calls
2015 Oct 22
3
[Bug 2482] New: SELinux integration
https://bugzilla.mindrot.org/show_bug.cgi?id=2482 Bug ID: 2482 Summary: SELinux integration Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org
2011 Nov 29
3
[Bug 1952] New: Local port forwarding does not work in a particular combination of conditions.
https://bugzilla.mindrot.org/show_bug.cgi?id=1952 Bug #: 1952 Summary: Local port forwarding does not work in a particular combination of conditions. Classification: Unclassified Product: Portable OpenSSH Version: 5.8p1 Platform: Itanium OS/Version: HP-UX Status: NEW Severity: normal
2008 Jul 22
0
Announce: OpenSSH 5.1 released
OpenSSH 5.1 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We have also recently completed another Internet SSH usage scan, the results of which may be found at http://www.openssh.com/usage.html Once again, we