[Bug 1903] bindresvport_sa() does not validate non-zero struct sockaddr * port is within intended range
bugzilla-daemon at bugzilla.mindrot.org
Wed Jan 23 20:00:00 AEDT 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=1903
Darren Tucker <dtucker at dtucker.net> changed:
           What|Removed                     |Added
----------------------------------------------------------------------------
         Status|NEW                         |RESOLVED
             CC|                            |dtucker at dtucker.net
     Resolution|---                         |FIXED
--- Comment #2 from Darren Tucker <dtucker at dtucker.net> ---
We fixed this in a manner of speaking by removing support for running
ssh as root and binding to low-numbered ports in OpenSSH 7.8.
https://www.openssh.com/releasenotes.html#7.8 says:
"""
* ssh(1): remove vestigal support for running ssh(1) as setuid. This
used to be required for hostbased authentication and the (long
gone) rhosts-style authentication, but has not been necessary for
a long time. Attempting to execute ssh as a setuid binary, or with
uid != effective uid will now yield a fatal error at runtime.
"""
For anyone still requiring the low-numbered port functionality for
legacy reasons we recommend a small setuid helper ProxyCommand or some
source-NAT trickery.
Thanks for the report.