ssh drops privs when it can't find ~/.ssh/prng_seed
Andrew Stribblehill
a.d.stribblehill at durham.ac.uk
Wed Jan 17 10:53:52 EST 2001
Quoting Damien Miller <djm at mindrot.org>:
> On Tue, 16 Jan 2001, Andrew Stribblehill wrote:
>
> > I'm using OpenSSH 2.3.0p1. When my users use ssh for the first
> > time, using rhosts authentication, entropy.c drops the privs in
> > prng_write_seedfile() at the setuid(original_uid) line (line 550,
> > approx):
>
> > Can anyone explain firstly why it does this, and secondly how I
> > can stop it?
>
> Try the below patch, which causes seeds to be only written upon exit.
<snip>
That works fine; it fixes the problem I reported, seemingly without
creating any other errors.
Is it going to be checked into CVS?
Thanks,
Andrew Stribblehill
Systems programmer, IT Service, University of Durham, England
More information about the openssh-unix-dev
mailing list