Problems with UsePrivilegeSeparation (was: port fwd as user != root?

Ben Lindstrom mouring at
Wed May 29 04:23:32 EST 2002

On Tue, 28 May 2002, Joshua Hill wrote:

> Herein lies your problem.
> The flag combination (MAP_SHARED|MAP_ANONYMOUS) is not supported in
> the linux 2.2 kernels.  Searching the linux-mm list archives reveals
> that this can't be trivially added due the linux-2.2 VM's assumption
> that all swap cache pages are read-only; see the linux-mm thread that
> starts at for
> some proposals for adding shared anonymous mappings to the linux 2.2 VM
> that didn't quite work out
> The linux-2.4 VM supports shared anonymous mappings.  I'm not prepared
> to move my production boxes to a 2.4 kernel, and it would seem that
> adding shared anonymous mappings to the v2.2 VM is not a trivial matter.
> All this being said, I'm really interested in using the Privilege
> Separation feature of OpenSSH.  As such, I'm going to try to add SYSV
> IPC SHM support to openssh... Unless someone else beats me to it, of
> course. :-)

There are too many issues in regards to SysV Shared Memory.  It leaks at
best and is corrupted at worse.  Even under Solaris (I have too many UNIFY
'databases' roaming around that step all over SysV Memory.  It's a
horrible design).

The mmap() is only required is you wish to have compression support in the
server.  Looking at our current code base I see we have not merged what is
needed to handle lack of mmap() yet.

You may want to focus our energy on a patch that would kill two birds with
one stone.  The the lack mmap() (on cray and other OSes) and your issues
by allowing the admin to disable compression at runtime.  This would allow
for a lot more platform support.

- Ben

More information about the openssh-unix-dev mailing list