Displaying 20 results from an estimated 2000 matches similar to: "Privilege Separation Design Question"
2002 Jul 10
2
[protois@ensea.fr: NVIDIA and Privilege Separation]
Does someone understand this? I do not.
Niels.
----- Forwarded message from laurent Protois <protois at ensea.fr> -----
Subject: NVIDIA and Privilege Separation
From: laurent Protois <protois at ensea.fr>
To: provos at citi.umich.edu
X-Mailer: Ximian Evolution 1.0.7-1mdk
Date: 10 Jul 2002 09:29:45 +0200
Hi Niels,
i have a little problem with openssh 3.4 and Nvidia kernel driver:
2002 Jul 05
1
[jlevine@utcnist.colorado.edu: Privilege separation]
Is this a known problem?
Niels.
----- Forwarded message from Judah Levine <jlevine at utcnist.colorado.edu> -----
Date: Fri, 5 Jul 2002 08:58:46 -0600 (MDT)
From: Judah Levine <jlevine at utcnist.colorado.edu>
To: provos at citi.umich.edu
Subject: Privilege separation
Hello,
I have just installed openssh-3.4p1 on a COMPAQ/DEC/HP Alpha running
True64 UNIX v4.0F. The privilege
2002 Jun 26
1
privilege separation breaks dns lookups
When the unprivileged child has chrooted it can no longer open
/etc/resolv.conf, so if the resolver hasn't yet initialized itself then
dns lookups will not be possible. This is unfortunately what normally
happens, but sshd falls back gracefully.
There are a couple of wrinkles: the resolver will typically try talking
to a nameserver on the local host by default (using INADDR_ANY rather
than
2005 Aug 29
4
Conflict between LDAP and Privilege Separation?
Hi all.
OpenSSH_4.1p1, OpenSSL 0.9.7g 11 Apr 2005 on Solaris 8 using host-based
authentication.
With "PrivilegeSeparation yes" and "UsePAM no" everything works as
desired. If I enable PAM, I am able to connect, but just before it
gives me a shell, it disconnects. If I leave PAM enabled and disable
PrivilegeSeparation, it works.
Is this a current limitation, or is there
2003 Jan 03
1
OpenSSH, Solaris 8, and BSM works with BSM patch, but must disable privilege separation
To get BSM working on Solaris 8 with OpenSSH, I did this:
Download John R. Jackson's OpenSSH 3.5p1 BSM patch here, and save as "patch.tar.gz":
http://bugzilla.mindrot.org/show_bug.cgi?id=125
(NOTE TO OpenSSH DEVELOPERS, can you incorporate this patch into the next version of OpenSSH?)
Installing the OpenSSH 3.5p1 BSM patch:
?--------------------------------------
Turning on Sun BSM
2005 Oct 17
12
[Bug 1105] Privilege Separation
http://bugzilla.mindrot.org/show_bug.cgi?id=1105
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Privledge Separation |Privilege Separation
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the
2005 Mar 14
2
Questions about 3.0.12rc1
Hello!
Before this post, i'm send 3 problems in 3.0.11
I'm compiled 3.0.12rc1 and found next:
1) Settings primary group .... problem solved, but question to developer
You append to mapping.c in smb_set_primary_group
ret = smbrun(add_script,NULL);
flush_pwnam_cache();
^^^^^^^^^^^^^^^^^^^^
But not check ret code .....if my script exit in code != 0, i'm change
2008 Sep 15
0
No subject
hello..
i am running openssh-3.7.1p2. on linux.It is working successfully..and daemon is running &client also connecting.But the problem is with the mips architecture when i connecting this server from remote syytem.?i got an error of buufer_get:trying to get more bytes 1 than buffer0.And client is not connecting from remote system.My out is as follows on my server
?in sshd main
before
2015 Feb 21
4
[Bug 2358] New: allow sshd to "redirect" to another local user
https://bugzilla.mindrot.org/show_bug.cgi?id=2358
Bug ID: 2358
Summary: allow sshd to "redirect" to another local user
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee:
2005 Apr 15
3
PAM authentication
I find it annoying that openssh takes active part in the authentication
process when using PAM. Namely, SSH doesn't pass the user's password if
the getpwent for the user returns NULL.
I use a clever PAM setup that allows nonexisting users to log in if they
are succesfully authenticated against a Samba server.
When the user logs in for the first time, he's added to the user
database
2008 Sep 18
2
SSHD_PROBLEM
hello..
i am running openssh-3.7.1p2. on linux.It is working
successfully.and daemon is running &client also connecting.But the
problem is with the mips architecture when i connecting this server
from remote syytem. i got an error of buufer_get:trying to get more
bytes 1 than buffer0.And client is not connecting from remote system.My
out is as follows on my server
in sshd main
before
2003 Oct 28
2
Privilege separation
Hello!
Please consider including the attached patch in the next release. It
allows one to drop privilege separation code while building openssh by using
'--disable-privsep' switch of configure script. If one doesn't use privilege
separation at all, why don't simply allow him to drop privilege separation
support completely?
--
Sincerely Your, Dan.
-------------- next part
2004 May 27
0
Patch: OpenSSH 3.8.1p1, PAM, pam_krb5 & Privilege Separation
A non-text attachment was scrubbed...
Name: openssh-setcred.patch
Type: text/x-patch
Size: 2735 bytes
Desc: PAM and Kerberos
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040527/d7678ac6/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-pam-privsep.patch
Type: text/x-patch
Size: 1171 bytes
Desc: GSSAPIAuth PAM and
2002 Sep 10
0
[Bug 382] Privilege Separation breaks HostbasedAuthentication
http://bugzilla.mindrot.org/show_bug.cgi?id=382
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From markus at openbsd.org 2002-09-11
2002 Jun 25
0
Privilege separation and linux kernel 2.0.x: mm_receive_fd fails
FWIW, after patching the mmap issue, openssh still doesn't work on
linux kernel 2.0.39 (+ patches):
sshd[22202]: fatal: mm_receive_fd: expected type 1 got 2355841
I didn't dig deeper into it yet, but I believe 2.0 kernel does not support
the kind of recvmsg() use privsep expects.
-- v --
v at iki.fi
2002 Jun 28
0
[Bug 319] New: Privilege Separation failing on OSF1 v5.1
http://bugzilla.mindrot.org/show_bug.cgi?id=319
Summary: Privilege Separation failing on OSF1 v5.1
Product: Portable OpenSSH
Version: -current
Platform: Alpha
OS/Version: OSF/1
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:
2002 Jun 28
4
[Bug 319] Privilege Separation failing on OSF1 v5.1
http://bugzilla.mindrot.org/show_bug.cgi?id=319
------- Additional Comments From mouring at eviladmin.org 2002-06-29 02:59 -------
Created an attachment (id=120)
Sounds like an SIA issue w/ privsep. Does this fix it?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Jul 01
0
[Bug 327] New: monitor_fdpass.c: Expected 1 got 1075033556 - Privilege Separation
http://bugzilla.mindrot.org/show_bug.cgi?id=327
Summary: monitor_fdpass.c: Expected 1 got 1075033556 - Privilege
Separation
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: Miscellaneous
AssignedTo:
2002 Jul 03
0
[Bug 331] New: ssh w/o privilege separation does not work for non-root users
http://bugzilla.mindrot.org/show_bug.cgi?id=331
Summary: ssh w/o privilege separation does not work for non-root
users
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P3
Component: ssh
AssignedTo:
2002 Jul 03
0
[Bug 331] ssh w/o privilege separation does not work for non-root users
http://bugzilla.mindrot.org/show_bug.cgi?id=331
------- Additional Comments From norbert.bladt at t-systems.ch 2002-07-03 17:34 -------
Forgot to mention the kernel version: 2.2.14-5.0, sorry.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.