OpenSSH/scp ->> F-Secure SSH server Problems

Damien Miller djm at mindrot.org
Wed Mar 14 15:28:56 EST 2001


On Tue, 13 Mar 2001, Greg A. Woods wrote:

> > > The "built-in subsystem" feature is bad design.  It has no business
> > > being directly in the transport protocol.  It is an ugly wart.
> >
> > No, it is a robust way of specifying server systems without having to
> > rely on locations of binaries, etc.
>
> While some folks would no doubt want to specify the location of a binary
> for various ill-thought-out security reasons, there is no real valid
> reason to do so. By not doing so one allows the server to choose the
> correct binary by use of some platform specific methodology (eg. the
> search PATH variable in POSIX systems).

There is no reason not to do so, especially when it is so cheap
(the incremental cost of the subsystem function is practically nil).
In fact, there is a fair tradition of keeping helper binaries out of
the $PATH on Unix systems (in libexec directories, etc).

Of course the protocol doesn't mandate any of this - subsystems simply
offer a binding of a name to some service. All of the details of how
this is accomplished are left up to the implementation.

> Point of fact is that this silly protocol wart did not make OpenSSH more
> robust in the face of a botched build system that specified the location
> of the sftp server program in one place and then installed it into
> another (one version of the NetBSD pkgsrc module did this, though
> perhaps it was a generic bug in the OpenSSH build/install makefiles).
> The hard-coded path in the "sshd" binary was in fact its downfall -- had
> the built-in subsystem feature been avoided there would have been no
> problem since the sftp server was found in the daemon's $PATH.

This is incorrect; paths to subsystem binaries are not hard-coded - they
are a sshd_config option.

> > It does not require that the
> > subsystems be integrated into the server.
>
> I'm not talking about any implementations, I'm talking about the protocol.

You seem to be mixing both pretty freely.

-d

-- 
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's
| http://www.mindrot.org          /   distributed filesystem'' - Dan Geer
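
The thread turns on a subsystem name being bound to a binary through an sshd_config option, and on a build that installed the sftp server somewhere other than the configured location. As an added example (not part of the original message and not OpenSSH code), the sketch below audits the Subsystem lines of a config and reports bindings whose target is missing. The function names, the sample config and the subsystem names "backup" and "sftp2" are constructed for illustration; it also goes beyond the thread by recognising `internal-sftp`, a value accepted by later OpenSSH releases.

```python
import os
import tempfile

def parse_subsystems(config_text):
    """Return [(name, argv)] for every Subsystem directive in sshd_config text."""
    entries = []
    for raw in config_text.splitlines():
        # Simplification: everything after '#' is treated as a comment.
        tokens = raw.split("#", 1)[0].split()
        # Keywords in sshd_config are case-insensitive.
        if len(tokens) >= 3 and tokens[0].lower() == "subsystem":
            entries.append((tokens[1], tokens[2:]))
    return entries

def audit_subsystems(config_text):
    """Classify the command each subsystem name is bound to."""
    findings = []
    for name, argv in parse_subsystems(config_text):
        cmd = argv[0]
        if cmd == "internal-sftp":
            status = "in-process"      # served by sshd itself, no helper binary
        elif not os.path.isabs(cmd):
            status = "relative-path"   # lookup depends on the runtime environment
        elif not os.path.isfile(cmd):
            status = "missing"         # config and install location disagree
        elif not os.access(cmd, os.X_OK):
            status = "not-executable"
        else:
            status = "ok"
        findings.append((name, cmd, status))
    return findings

def demo():
    """Run the audit on a constructed config inside a throwaway directory."""
    with tempfile.TemporaryDirectory() as d:
        good = os.path.join(d, "libexec", "sftp-server")
        os.makedirs(os.path.dirname(good))
        open(good, "w").close()
        os.chmod(good, 0o755)
        config = (
            "# constructed sample, not a real server's configuration\n"
            f"Subsystem sftp {good}\n"
            f"subsystem backup {d}/bin/backup-helper  # never installed\n"
            "Subsystem sftp2 internal-sftp\n"
        )
        return [(n, s) for n, _, s in audit_subsystems(config)]

if __name__ == "__main__":
    print(demo())
```

Run against a real sshd_config after a package upgrade, a "missing" result is the mismatch described in the quoted text: the configured path and the installed path disagree.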






More information about the openssh-unix-dev mailing list