[Bug 270] PrivSep breaks sshd on AIX for non-root users

Gert Doering gert at greenie.muc.de
Mon Jun 10 06:07:51 EST 2002


Hi,

On Sun, Jun 09, 2002 at 02:47:50PM -0500, Ben Lindstrom wrote:
> I'll close this out when bugzilla will accept my login. =)  But PrivSep
> can't be ran by a non-root user.
> 
> 1. All network code runs a non-prived user.. ALA 'sshd' user.
> 2. chroot() can not be done by a normal user.

May I suggest some startup messages to that extent?

  if (privsep && user not root) 
	fatal("must be root to use privsep");

  if (privsep && getpwnam("sshd") == NULL )
	fatal("no user sshd, can't use privsep");

  if (privsep && stat("/var/empty") < 0 )
	fatal("no /var/empty directory, can't use privsep");

It's so much easier if programs tell you that they aren't going to work
right at startup, instead of "startup works fine, first connect comes in,
boom" and "log file reading time".

I'm not really sure where such code would have to go to, somewhere in
the vicinity of the "can't bind() port? -> fatal()" section, propably...

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert.doering at physik.tu-muenchen.de



More information about the openssh-unix-dev mailing list