OpenSSH 3.4 released

Corinna Vinschen vinschen at redhat.com
Thu Jun 27 02:21:03 EST 2002


On Wed, Jun 26, 2002 at 04:40:31PM +0200, Markus Friedl wrote:
> OpenSSH 3.4 has just been released. It will be available from the
> mirrors listed at http://www.openssh.com/ shortly.
> [...]
>   In addition, OpenSSH 3.4 adds many checks to detect 
>   invalid input and mitigate resource exhaustion attacks.

Cool.  This version introduces a new error:

--- sshd.c.orig	2002-06-26 18:21:03.000000000 +0200
+++ sshd.c	2002-06-26 18:20:55.000000000 +0200
@@ -1035,7 +1035,13 @@ main(int ac, char **av)
 		    (S_ISDIR(st.st_mode) == 0))
 			fatal("Missing privilege separation directory: %s",
 			    _PATH_PRIVSEP_CHROOT_DIR);
+#ifdef HAVE_CYGWIN
+		if (check_ntsec(_PATH_PRIVSEP_CHROOT_DIR) &&
+		    (st.st_uid != getuid () ||
+		     (st.st_mode & (S_IWGRP|S_IWOTH)) != 0))
+#else
 		if (st.st_uid != 0 || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0)
+#endif
 			fatal("Bad owner or mode for %s",
 			    _PATH_PRIVSEP_CHROOT_DIR);
 	}

I really wanted to test Ben's test version but there's also a time
for sleep and when I tried to download that testversion it was
already unavailable.

Thanks,
Corinna

-- 
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com



More information about the openssh-unix-dev mailing list