Cray patch against openssh-SNAP-20010802

William L. Jones jones at mail.utexas.edu
Fri Aug 3 01:01:11 EST 2001 

Significant changes since last patch.  

Deleted patches to packet.c and channel.c - not needed. 

Add small patch to sshd.c and openbsd/ssh-cray.c 
to disable cray process privileges.  Depending
on how a cray unicos/unicosmk system is configured user 
could su to root without a password with out this mod.

Add no_sco flag to noop check for -lrpc which assumes that
their was a -lyp library.

Changed ifdef around sigchld_handler to ifdef out mysignal
on crays.  This works around a unicos sigacton bug.

Defined INADDR_LOOPBACK in entropy.c

The details on all the patches:

 configure.in  - Add work around to sco libyp assumution.
 sshd.c        - Turn off cray process privileges root is enough on PRIV_SU
			  unicos/unicosmk systems.
 entropy.c     - Define INADDR_LOOPBACK
 deattack.c    - Modified to not depend on u_int16_t
		       being 16bit in size.   
 scp.c         - Modified to use alarm instead of setitimer. 
		       Unicos does not support setitier. 
 serverloop.c	- Modified sigchld_handler to not reset
		       on Crays.  This is the
		       only case its needs to be reset, the side effect
   	            is it fixes the problem with a infinite signal loop
 			  under unicos and unicosmk.
		       Modified waitpid to keep trying if it gets an EINTR,
 		       this can happen due to job termination signal on unicos and
		       unicosmk.
 session.c     - Added unicos/unicosmk job termination signal handler. 
		       Add TMPDIR environment variable.
			  Add code to set up a unicos/unicosmk job and system
		       limits.
 sshpty.c      - Unicos/unicosk pty support.

In openbsd-compat directory:
 bindresvport.c & - Code around the fact that the address of  sin_port 
 rresvport.c.       really is 64 bit aligned on a SV1.
 bsd-cray.c       - Clean up cray support routines.  Fix su related
		          security bug.
 bsd-cray.h       - Cray support subroutine proto types.


Bill Jones
-------------- next part --------------
A non-text attachment was scrubbed...
Name: craymods
Type: application/octet-stream
Size: 17570 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010802/5be5ff8a/attachment.obj

More information about the openssh-unix-dev mailing list