[Bug 2511] Drop fine-grained privileges on Illumos/Solaris

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Dec 14 20:44:14 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2511

Alex Wilson <alex+mailinglists_openssh-dev at cooperi.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2771|0                           |1
        is obsolete|                            |

--- Comment #8 from Alex Wilson <alex+mailinglists_openssh-dev at cooperi.net> ---
Created attachment 2772
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2772&action=edit
patch-v4

One last amendment, after a colleague reminded me of a fix that I
should have merged into this patch.

It fixes the case where a user (for some reason) decides they want to
let sftp-server log in as root and they wish to have root's ability to
read and write any file on the system. Privilege code that starts with
priv_basicset() implicitly drops all of root's special rights
(including these "DAC" filesystem rights), so this amendment changes
the sftp-server to explicitly retain those particular parts of root (if
it has them) while still dropping everything else.

As I understand it, the other places this patch injects priv drops (for
the ssh-agent, client mux and daemon sandbox) are fine with dropping
all special root abilities if they are started with any of them, so
those functions don't need to change.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list