privsep no user fatal message

Markus Friedl markus at openbsd.org
Sun Apr 21 03:53:23 EST 2002


the [net] process run's in /var/empty, the [priv] process 
does authentication and is not chrooted.

-m

On Sat, Apr 20, 2002 at 05:11:15PM +0400, Michael Tokarev wrote:
> Pekka Savola wrote:
> > 
> > Hello,
> > 
> > I updated the latest snapshot as RPM's to two of my systems.  Basic stuff
> > seems to be working ok.
> > 
> > Privilege separation failed though, possibly because I didn't populate
> > /var/empty with PAM entries.  Privsep might be a bit raw in any case, at
> > least for the portable.
> 
> Hmm...  /var/empty is just this -- empty.  It shouldn't be populated with
> anything.  Or else, if ssh requires some files in it's chroot, the chroot
> jail should be separate, private to ssh directory.  Anyway, putting PAM
> files into chroot jail seems to be unreasonable at least -- having security-
> related configs in jail is wrong.  I don't know how privsep currently works,
> but IMHO lowpriv process should NOT touch ANY system file(s) at all, all
> auth (including PAM) stuff belongs to privileged process anyway.
> 
> Regards,
>  Michael.
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev



More information about the openssh-unix-dev mailing list