[Bug 296] Priv separation does not work on OSF/1
Ben Lindstrom
mouring at etoh.eviladmin.org
Wed Jun 26 03:10:43 EST 2002
On Tue, 25 Jun 2002, Corinna Vinschen wrote:
> On Tue, Jun 25, 2002 at 06:49:25PM +0200, Markus Friedl wrote:
> >
> > just a fyi:
> > it seems that fd-passing is broken on DEC OSF/1 DU-4.0d
> >
> > so something like
> >
> > > --- ../openssh-3.3/sshd.c Fri Jun 21 01:05:56 2002
> > > +++ ./sshd.c Fri Jun 21 21:17:37 2002
> > > @@ -596,7 +596,11 @@
> > > /* XXX - Remote port forwarding */
> > > x_authctxt = authctxt;
> > >
> > > +#ifdef DEC_OSF...
>
> Thank you! I didn't know that this is possible. It also works
> on Cygwin then since descriptor passing is the actual problem
> preventing the usage of privsep on Cygwin.
>
> Would you mind to change that to
>
> #if defined (DEC_OSF) || defined (HAVE_CYGWIN)
>
> ???
>
> If I understand that correctly, privsep still works for preauth
> then. Is it correct that this doesn't create a second sshd
> process? At least I don't see one in the process list when
> privsep is on and the above patch applied.
>
> Corinna
>
#ifdef BROKEN_FD_PASSING
or something like that since it affects multiple platforms.
- Ben
More information about the openssh-unix-dev
mailing list