Priv Sep SSH has / as CWD
Damien Miller
djm at mindrot.org
Mon Feb 15 08:10:34 EST 2010
On Sun, 14 Feb 2010, Jon Kibler wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> This may or may not be a bug. However, it is DEFINITELY NOT how I would
> expect and want to see sshd work!
>
> If you run lsof against sshd on a privilege separated user, it shows
> that sshd's CWD is /. I would hope that the CWD would be at a minimum
> /var/empty/sshd and I would really have thought it would be something
> along the lines of /var/empty/sshd/USER. (In fact, lsof does not show
> any references to /var/empty... which I assume means that it is only
> referenced during startup??)
cwd is relative to the chroot directory. Remember what chroot does?
> I also noticed that the listener sshd also has / as its CWD. I would
> have thought that it would have had ~root or /var/run as its CWD to
> prevent core files from being left in / where it may be possible for
> someone to find and pursue those files.
chdir(/) is the normal behaviour of daemon programs. If your system writes
.core files with world-readable permissions then your have bigger problems.
-d
More information about the openssh-unix-dev
mailing list