[Bug 3835] New: ssh-agent should not close its file descriptors

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jun 6 00:13:29 AEST 2025


https://bugzilla.mindrot.org/show_bug.cgi?id=3835

            Bug ID: 3835
           Summary: ssh-agent should not close its file descriptors
           Product: Portable OpenSSH
           Version: 10.0p2
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh-agent
          Assignee: unassigned-bugs at mindrot.org
          Reporter: ca.bugmo at te2000.cz

Commit 66e9868 in openssh-portable introduces a closefrom() call which
closes all file descriptors above stderr (or the open socket), which breaks
file descriptor inheritance for any processes spawned by ssh-agent.
This is undocumented, breaks existing setups and has no real benefit,
so I consider this a bug.

As ssh-agent allows specifying arbitrary commands to be run
1) immediately, conventionally for a user session to which the lifetime
of ssh-agent is tied
2) for prompting for passphrases and confirmations using the
ssh-askpass protocol
it should try to affect the inherited process state as little as
possible.
Either of those can rely on pre-opened file descriptors as a means of
communication or access control, especially in restricted environments
(pledge, capsicum, seccomp-based sandboxes) where arbitrary open() and
connect() are not available.

The breaking change in question:
https://github.com/openssh/openssh-portable/commit/66e986880b2472fefaad781f10113b138b65ff27#diff-64f011dcd3743e55240373eab3f3b6be62a5fe643e5d2c200f67a122b924daf9R2407
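The following is an added example, not code from OpenSSH or from the reporter, that reproduces the effect described in the report in a self-contained way: a parent pre-opens a pipe as a channel for a child it spawns, and the child either keeps the inherited descriptor or first closes everything above stderr, as the closefrom() call in the commit does. The helper `close_fds_from()` is a hypothetical portable stand-in for closefrom(3) (a plain close() loop), and the pipe is a constructed example of a pre-opened descriptor used for communication or access control; in a sandbox where open() and connect() are unavailable, the child has no way to reacquire such a channel once it is closed.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical portable stand-in for closefrom(3): close every
 * descriptor numbered lowfd or higher. Real implementations use
 * closefrom()/close_range() where available. */
static void close_fds_from(int lowfd)
{
    long maxfd = sysconf(_SC_OPEN_MAX);
    if (maxfd < 0)
        maxfd = 1024;          /* conservative fallback */
    for (long fd = lowfd; fd < maxfd; fd++)
        (void)close((int)fd);
}

/*
 * Parent (agent-like) side: pre-open a pipe, fork a child that is expected
 * to talk back over the inherited write end. If close_high_fds is nonzero,
 * the child first closes all descriptors above stderr, mimicking the
 * behaviour the bug report describes.
 *
 * Returns 1 if the child could use the inherited descriptor,
 *         0 if the descriptor was gone (write failed / pipe hit EOF),
 *        -1 on a setup error in this example itself.
 */
int child_can_use_inherited_fd(int close_high_fds)
{
    int pipefd[2];
    if (pipe(pipefd) != 0)
        return -1;

    pid_t pid = fork();
    if (pid < 0)
        return -1;

    if (pid == 0) {
        /* Child: keep only the write end, then optionally mimic closefrom(). */
        close(pipefd[0]);
        if (close_high_fds)
            close_fds_from(STDERR_FILENO + 1);

        const char msg[] = "hello";              /* constructed payload */
        ssize_t n = write(pipefd[1], msg, sizeof msg);
        if (n == (ssize_t)sizeof msg)
            _exit(0);                            /* inherited fd still usable */
        _exit(errno == EBADF ? 9 : 1);           /* 9: descriptor was closed */
    }

    /* Parent: read whatever the child managed to send. */
    close(pipefd[1]);
    char buf[8] = {0};
    ssize_t n = read(pipefd[0], buf, sizeof buf - 1);
    close(pipefd[0]);

    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;

    if (n == (ssize_t)sizeof "hello" && strcmp(buf, "hello") == 0 &&
        WIFEXITED(status) && WEXITSTATUS(status) == 0)
        return 1;
    return 0;
}

int main(void)
{
    printf("child keeps inherited fds : %d\n", child_can_use_inherited_fd(0));
    printf("child closes fds > stderr : %d\n", child_can_use_inherited_fd(1));
    return 0;
}
```

With inheritance intact the first call returns 1; once the child closes descriptors above stderr the write fails with EBADF and the parent sees EOF, so the second call returns 0. Anything a spawned helper needed from a pre-opened descriptor (a socket to a broker, a directory handle for capability-style access) has to be re-established through open() or connect(), which is exactly what the sandboxes named in the report forbid.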
