why fd passing?
Phil Howard
phil-openssh-unix-dev at ipal.net
Thu Jun 27 20:12:50 EST 2002
On Thu, Jun 27, 2002 at 12:02:32PM +0200, Markus Friedl wrote:
| On Wed, Jun 26, 2002 at 11:46:24AM -0500, Phil Howard wrote:
| > Why not go ahead and have the monitor set one up before it forks
| > the child?
|
| with protocol 2 multiple pty and multiple login
| shells over one connection are allowed.
| the ssh.com windows clients supports this for
| example.
If a given system can allocate a pty w/o root, would it be possible
for that system to just let the user privilege process do it? If
so, a system which can't do fd passing but can do pty w/o root could
get around that problem that way.
What about a configurable quota on the maximum number of ptys a
process can get set up for it by the monitor, so that can't be used
as a denial of service exploit from inside a cracked user privilege
process? Or would that not be worth the trouble?
I like privsep, but I can certainly see a lot of complications in it.
| > I do not see from this illustration how mmap() is involved.
|
| it's used for passing the internal zlib compression
| state around.
I was assuming something like that. It just wasn't shown. I hope
when things settle down that detailed technical documentation can
be prepared, or the current little blub can be expanded. Not everyone
can figure this out by reading code.
--
-----------------------------------------------------------------
| Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ |
| phil-nospam at ipal.net | Texas, USA | http://phil.ipal.org/ |
-----------------------------------------------------------------
More information about the openssh-unix-dev
mailing list