FS#31965 - [openssh] defunct sandbox privilege separation
Attached to Project:
Arch Linux
Opened by Amos Onn (amos) - Monday, 15 October 2012, 03:19 GMT
Last edited by Gaetan Bisson (vesath) - Monday, 15 October 2012, 12:10 GMT
Details
Description:
Since OpenSSH 5.9, the UsePrivilegeSeparation option in /etc/ssh/sshd_config has a new legal value - sandbox. This means that the intermediate process used to create the underprivileged sshd process which will continue the session will also be sandboxed to make sure it does nothing funny. Our default config file, apparently copied from OpenBSD, uses this value.

However, for this option to actually do anything new, the openssh suite has to be compiled with the following configure switch:

  --with-sandbox=style    Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter)

which decides which method of sandboxing will be compiled. Thus, it is best either to add this switch (with a proper value) to the PKGBUILD, or change the UsePrivilegeSeparation back to "yes".

Additional info:
* openssh-6.1p1-2
Comment by Gaetan Bisson (vesath) - Monday, 15 October 2012, 04:42 GMT
No need to manually specify "--with-sandbox=style" since from 6.1 on the best option is autodetected by the configure script (that is why I added linux-headers as a make-dependency for openssh).

Comment by Gaetan Bisson (vesath) - Monday, 15 October 2012, 04:43 GMT
Or, did you actually test your claims and establish that sandbox privilege separation did not work on your machine?

Comment by Amos Onn (amos) - Monday, 15 October 2012, 10:34 GMT
I read the configure file, but now I found my mistake. Sorry for the interruption!