[Bug 1080] 4.1p1 to 4.2p1 broke UsePrivilegeSeparation on HPUX

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Sep 8 04:00:04 EST 2005


http://bugzilla.mindrot.org/show_bug.cgi?id=1080

           Summary: 4.1p1 to 4.2p1 broke UsePrivilegeSeparation on HPUX
           Product: Portable OpenSSH
           Version: 4.2p1
          Platform: HPPA
        OS/Version: HP-UX
            Status: NEW
          Severity: security
          Priority: P2
         Component: sshd
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: jaearick at colby.edu
                CC: jaearick at colby.edu


4.2p1 code configured on HPUX 11.11 as: 
./configure CC="gcc" CFLAGS="-O" \
        --prefix=/opt/openssh --sysconfdir=/etc/ssh \
        --with-ssl-dir=/opt/openssl --with-zlib \
        --without-rsh --with-pam --with-privsep-user=ssh \
        --with-tcp-wrappers --with-ipv4-default >& configure.out

If UsePrivilegeSeparation=yes in sshd.config, then ssh connections fail with the syslog message:
fatal: mm_receive_fd: recvmsg: expected received 1 got 0
The only way 4.2p1 will work on HPUX 11.11 is to set UsePrivilegeSeparation=no, which I view 
as a security hazard and will not do.  UsePrivilegeSeparation=yes worked correctly with 4.1p1.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list