[Bug 2107] seccomp sandbox breaks GSSAPI
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Feb 6 10:54:39 EST 2014
https://bugzilla.mindrot.org/show_bug.cgi?id=2107
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
CC| |djm at mindrot.org
Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Created attachment 2406
--> https://bugzilla.mindrot.org/attachment.cgi?id=2406&action=edit
Cache supported oids before privilege separation
Instead of calling out to the monitor, could we do it before the
privsep child is forked? ssh_gssapi_supported_oids() doesn't seem to
need any context to work.
This patch tries to do this, but I have no way to test it (and really
no clue at all when it comes to GSSAPI/Kerberos).
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list