[Bug 1976] New: sshd leaks stderr fd when run as 'sshd -D'
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Feb 7 03:31:22 EST 2012
https://bugzilla.mindrot.org/show_bug.cgi?id=1976
Bug #: 1976
Summary: sshd leaks stderr fd when run as 'sshd -D'
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: james.hunt at ubuntu.com
When run as 'sshd -D', the server calls server_accept_inetd(). This
function sets stdin and stdout to /dev/null, but crucially does _not_
set stderr.
As such, this fd is leaked from a privileged process (either the parent
sshd or the priv-separation process for the user (for example "sshd:
james [priv]")) to a non-priv process (for example "sshd:
james at pts/0").
I suspect the rationale for leaving stderr as-is is to allow for
debug-mode (where the user specifies '-d') such that debug information
is written to stderr. However, if sshd is run exactly as 'sshd -D', no
'-d' has been specified, so the user does not want debug output. Thus,
even though the process does not daemonize, it should still dup stderr
to /dev/null.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list