OpenSSH 3.4 released
Corinna Vinschen
vinschen at redhat.com
Thu Jun 27 02:21:03 EST 2002
On Wed, Jun 26, 2002 at 04:40:31PM +0200, Markus Friedl wrote:
> OpenSSH 3.4 has just been released. It will be available from the
> mirrors listed at http://www.openssh.com/ shortly.
> [...]
> In addition, OpenSSH 3.4 adds many checks to detect
> invalid input and mitigate resource exhaustion attacks.
Cool. This version introduces a new error:
--- sshd.c.orig 2002-06-26 18:21:03.000000000 +0200
+++ sshd.c 2002-06-26 18:20:55.000000000 +0200
@@ -1035,7 +1035,13 @@ main(int ac, char **av)
(S_ISDIR(st.st_mode) == 0))
fatal("Missing privilege separation directory: %s",
_PATH_PRIVSEP_CHROOT_DIR);
+#ifdef HAVE_CYGWIN
+ if (check_ntsec(_PATH_PRIVSEP_CHROOT_DIR) &&
+ (st.st_uid != getuid () ||
+ (st.st_mode & (S_IWGRP|S_IWOTH)) != 0))
+#else
if (st.st_uid != 0 || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0)
+#endif
fatal("Bad owner or mode for %s",
_PATH_PRIVSEP_CHROOT_DIR);
}
I really wanted to test Ben's test version but there's also a time
for sleep and when I tried to download that testversion it was
already unavailable.
Thanks,
Corinna
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com
More information about the openssh-unix-dev
mailing list