[Bug 3277] New: Global ssh_config file permissions are not checked.

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Mar 11 12:36:04 AEDT 2021


https://bugzilla.mindrot.org/show_bug.cgi?id=3277

            Bug ID: 3277
           Summary: Global ssh_config file permissions are not checked.
           Product: Portable OpenSSH
           Version: 8.5p1
          Hardware: Other
                OS: Windows 10
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: balu.gajjala at gmail.com

This is a rare situation but it can happen by mistake. 

Global ssh_config is not checked for the right file permissions.

If a root user accidentally gives write permissions to non-root users
then it leads to undesirable behavior. 

It's a single line change to add "SSHCONF_CHECKPERM" flag while calling
read_config_file().

https://github.com/openssh/openssh-portable/blob/2421a567a8862fe5102a4e7d60003ebffd1313dd/ssh.c#L585

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list