[Bug 2060] New: sshd tries to use chdir to users home directory as root
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Jan 11 09:31:38 EST 2013
https://bugzilla.mindrot.org/show_bug.cgi?id=2060
Bug ID: 2060
Summary: sshd tries to use chdir to users home directory as
root
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.1p1
Hardware: Sparc
OS: Solaris
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: metadalek at gmail.com
The chdir in session.c around line 1736 appears to be performed while
sshd is running as the root user. This fails on systems where root does
not have access to the users home directory. Examples are NFS mounted
directories where the client machine does not have root trust (root
user is mapped to nobody etc).
I think sshd should either change uid to the target user before this
segment of code is executed and maintain euid root or vice versa.
I will experiment with a fix myself.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list