Call for testing: OpenSSH 6.8
Darren Tucker
dtucker at zip.com.au
Sat Feb 28 05:04:20 AEDT 2015
On Fri, Feb 27, 2015 at 9:19 AM, Michael Felt <aixtools at gmail.com> wrote:
>
> One problem coming directly is that the -L flag (-L/opt/libressl/lib is not
> being included in the -blibpath so the programs link, but do not run.
> I am sure there is a way for me to modify the blibpath - BUT - I ask you do
> consider inserting an openssl-dir path when it is not
> already in the blibpath variable.
>
There's a reason why it isn't: where that directory is writeable by a
non-root user it becomes a vector for local privilege escalation via
OpenSSH's setuid binaries.
http://lists.mindrot.org/pipermail/openssh-unix-dev/2003-April/017768.html
Now that decision was made back in the day when OpenSSL's shared library
support was still considered experimental. Maybe we could check that the
path is a) absolute and b) system-owned all the way down and add it to
blibpath if both are true.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list