[Bug 296] Priv separation does not work on OSF/1

Corinna Vinschen vinschen at redhat.com
Wed Jun 26 03:14:16 EST 2002


On Tue, Jun 25, 2002 at 06:49:25PM +0200, Markus Friedl wrote:
> 
> just a fyi: 
> it seems that fd-passing is broken on DEC OSF/1 DU-4.0d
> 
> so something like
> 
> > --- ../openssh-3.3/sshd.c       Fri Jun 21 01:05:56 2002
> > +++ ./sshd.c    Fri Jun 21 21:17:37 2002
> > @@ -596,7 +596,11 @@
> >         /* XXX - Remote port forwarding */
> >         x_authctxt = authctxt;
> >
> > +#ifdef DEC_OSF...

Thank you!  I didn't know that this is possible.  It also works
on Cygwin then since descriptor passing is the actual problem
preventing the usage of privsep on Cygwin. 

Would you mind to change that to

#if defined (DEC_OSF) || defined (HAVE_CYGWIN)

???

If I understand that correctly, privsep still works for preauth
then.  Is it correct that this doesn't create a second sshd
process?  At least I don't see one in the process list when
privsep is on and the above patch applied.

Corinna

-- 
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com



More information about the openssh-unix-dev mailing list