[Bug 396] sshd orphans processes when no pty allocated

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Jul 11 23:02:21 EST 2007


http://bugzilla.mindrot.org/show_bug.cgi?id=396





--- Comment #12 from Matthieu Hautreux <matthieu.hautreux at cea.fr>  2007-07-11 23:02:19 ---
Created an attachment (id=1324)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1324)
Modified patch for openSSH-4.6p1

Modified patch for the Openssh 4.6p1 release

This patch add an option in sshd_config (RemoteCommandCleanup no|(yes))
that enables sshd to send a HUP signal to child process group when no
tty was allocated (remote command execution) and session is closing.
The signal must be send to process group because child process is often
the user shell invoked to launch the real command.

I think that this problem should be solve in the next openSSH release.
It causes a lot of orphan processes on the server and wastes resources.
Furthermore, in a secure environment, you need a forwarded credential
to access the file system, credential is removed when sshd exits and
then the file system can no longer be accessed. There is no reason to
let processes run if they are not allowed to access FS. 


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching the reporter.


More information about the openssh-bugs mailing list