similar to: rsync --daemon bypasses directory permissions on Linux (PR#3700)

When writing to a RHEV target, virt-v2v launches the libguestfs appliance with euid:egid = 36:36, which is required to write to an NFS target using root_squash. Since the update to use an febootstrap cached appliance, this causes an error on startup as the cached files are owned by root, but the cache directory is owned by 36:36. The reason for this is that execve() resets euid and egid to uid and

Ok, for those running NeXT and other platforms with broken/missing _POSIX_SAVED_ID please try this patch, and anyone that has spent any amount of time dealing with this problem. I believe it's right. BTW, this patch is no where near as big as it looks. The patch was done against an earily version of the tree which had an issue with white space. - Ben --- ../openssh/uidswap.c Sun Apr 22

Hello Porters, I am attempting to compile OpenSSH 2.9.9p2 on a Dynix V4.4.4 host. I have set USE_PIPES and BROKEN_SAVED_UIDS (the latter because there are no functions for set{eu,eg}id() that I can find). I configured with "./configure '--with-libs=-lnsl -lsec'". Each time I attempt to login, I get this error: No utmp entry. You must exec "login" from

Hello Porters, I've finally (thanks to Wendy Palm of Cray) ported OpenSSH to Dynix v4.4.4. I had to make sure that "UseLogin" was set to "no" in the sshd_config file. Also, here are the old-style contextual diffs (obtained with 'diff -c' on the Dynix box) of the two files I had to change: *** configure Sat Jun 16 17:09:50 2001 --- configure.new Mon Oct 8

On 05/08/17 11:17, Andrea Venturoli wrote: > Hello. > > I've got a network of FreeBSD servers which traditionally hosted a > classic domain. > I upgraded some months ago, removing the old PDC and BDC and migrating > to an AD DC controller in a jail. > This is working fine with Samba 4.4.13. > > Now I'm trying to add a second DC, so I created a new jail on

On Mon, 2017-05-15 at 18:58 +0200, Andrea Venturoli via samba wrote: > On 05/08/17 11:17, Andrea Venturoli wrote: > > Hello. > > > > I've got a network of FreeBSD servers which traditionally hosted a > > classic domain. > > I upgraded some months ago, removing the old PDC and BDC and migrating > > to an AD DC controller in a jail. > > This is

The sshd server has what I think is a serious flaw. There appears to be no way to turn off remote command execution. (someone please correct me if I am wrong). We have a server which uses a chroot jail, and rbash to severely limit what users can do on our system. The remote command bypasses all of that. ie. ssh user at host cat /etc/passwd will display the password file for the live system

I'm trying to get OpenSSH 2.5.2p2 to run on HP-UX 9.05. I've had some decent results, but I'm also seeing some problems. I'm using the EGD (I configured with --with-prngd-socket=/tmp/entropy). * Compiling required some changes, which I've attached. Two of the changes are "hackish", and not at all suited to inclusion in the source tree, but they might point

FreeBSD-12.1p7 jail running Samba-4.10.15 on ZFS. When I run 'samba-tool domain backup offline targetdir=/tmp' I see this: running backup on dirs: /var/db/samba4/private /var/db/samba4 /usr/local/etc Starting transaction on /var/db/samba4/private/secrets At which point samba-tool enters a permanent wait state. 86064 root 1 52 0 131M 78M wait 3 0:01 0.00%

Sorry if I'm duplicating an existing patch, but... On systems with no seteuid() that have setreuid() there is an emulation, but if both are lacking (but we do have setresuid()), nothing is done. The following seems to be right, but I've only got one machine (running an ancient version of HP-UX) which needs this so it may not be general: --cut-here-- --- config.h.in.orig Thu Jun 7

-----BEGIN PGP SIGNED MESSAGE----- > Date: Fri, 2 May 1997 12:33:00 -0500 > From: "Thomas H. Ptacek" <tqbf@ENTERACT.COM> > On almost all Unix operating systems, having superuser access in a > chroot() jail is still dangerous. In some recent revisions of 4.4BSD > operating systems, root can trivially escape chroot(), as well. I was thinking about possible attacks

Hello, I've been compiling OpenSSH up on just about every platform that I can get my hands on. I am not certain of the best way of building my 'fixes' into the source tree, not least of all since I didn't worry about #ifdef's or the configure scripts. However hopefully this will be of use to you. This is all for openssh-2.2.0p1 compiled alongside openssl-0.9.5a and

Please, I can`t see my messages. Can anyone confirm if it is reaching to the list? Thnaks! ?lvaro ----- Original Message ----- From: Alvaro Lassance <lassance@sidercom.com.br> To: <samba@lists.samba.org> Sent: Thursday, December 27, 2001 1:39 PM Subject: SETEUID > > > Hello! > > > > Anyone knows how I install the "seteuid method" in a RH 7.0? >

Below I've includes a patch which helps build OpenSSH outside from a read-only source tree, find OpenSSL on Mac OS X, and fix a typo. This applies to OpenSSH 2.1.1p4. You should already have gotten a note from Melissa O'Neil about a conflict with the crc32() symbol in zlib, which was causing a crash on Darwin. I've noticed another bug. If ssh is setuid, I get a permission

http://bugzilla.netfilter.org/show_bug.cgi?id=730 Summary: DHCP request (and other?) traffic bypasses iptables/netfilter Product: netfilter/iptables Version: linux-2.6.x Platform: x86_64 OS/Version: Ubuntu Status: NEW Severity: major Priority: P5 Component: unknown AssignedTo:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced:

Hi, i've got this problem with my jail and i'm abolutly lost as in the why of it. I previously posted this on comp.unix.bsd.freebsd.misc but i was advised to send here I was unable to find help on google :( To resume quick, when i'm in a jail, netstat doesn't work properly. Hopefully i have provided sufficient information for anyone willing to help me :p First of all, my system :

Hi *, I recently triggered an error when setting up a jail-host: I configured the jail(s) like evry jail I set up in the past: On the jail-hosts /etc/rc.conf: # ---- Jail-Globals ---- jail_enable="YES" # Set to NO to disable starting of any jails jail_list="ftp mx1 relay" # Space separated list of names of jails