[Bug 125] with BSM auditing, cron editing thru ssh session causes cron jobs to fail

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sun Jul 14 13:38:38 EST 2002


http://bugzilla.mindrot.org/show_bug.cgi?id=125





------- Additional Comments From jrj at purdue.edu  2002-07-14 13:38 -------
The above attachment includes an update of the original patch by Darren J.
Moffat at Sun for this problem.  I took his 3.1p1 based patch and:

  * updated it to 3.4p1

  * added autoconf support to auto-detect the need for the extra functions

  * fixed one incredibly minor potential (probably would never happen)
    memory leak

  * added support for earlier versions of Solaris (pre-IPv6, e.g. 2.6)

Note that if BSM is enabled, the code disables (with a warning) the
privilege separation feature.  This is because the audit functions must
be done as root, which is the parent of the two processes, and the data
would not flow back down into the child.  At least, I didn't see any
easy way to do it (but I didn't look all that hard).

If BSM is not enabled, privilege separation will be used (or not) as it
would without the patch.

John R. Jackson, Technical Software Specialist, jrj at purdue.edu




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-unix-dev mailing list