[Bug 2615] LoginGraceTime bypass (DoS)
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Thu Sep 15 22:56:57 AEST 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2615
--- Comment #1 from Tomas Kuthan <tomas.kuthan at oracle.com> ---
Created attachment 2875
--> https://bugzilla.mindrot.org/attachment.cgi?id=2875&action=edit
watchdog process backing-up login_grace_time alarm
I have implemented and successfully tested a candidate fix - a single
purpose watchdog process backing up login_grace_time alarm in the main
process. If the main process doesn't authenticate or exit in
login_grace_time seconds, the watchdog kills it by SIGTERM (or
eventually SIGKILL). Patch attached.
I have rejected several other fix ideas:
- threads - unlikely to be accepted upstream
- main sshd process keeping track of unauthenticated children
- too much logic in process listening for new connection
- allow preauth child to send signal to the monitor
- too much privs to unprivileged process
- wouldn't work w/o privilege separation
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list