FS#71796 - [OpenSSH] core dump if sshd can't log
Attached to Project:
Arch Linux
Opened by lod (lod) - Wednesday, 11 August 2021, 12:13 GMT
Last edited by Giancarlo Razzolini (grazzolini) - Thursday, 02 September 2021, 00:57 GMT
Opened by lod (lod) - Wednesday, 11 August 2021, 12:13 GMT
Last edited by Giancarlo Razzolini (grazzolini) - Thursday, 02 September 2021, 00:57 GMT
|
Details
Description: I get regularly core dumps from sshd.
Additional info: * the problem is already discussed in the forum https://bbs.archlinux.org/viewtopic.php?pid=1987133#p1987133 * I asked in OpenSSH-IRC-Channel about the problem, and they send me back to arch a short log: <Han> Well it should dump core in that case. It should simply stop working IMHO. <Han> A security service without functioning log should stop working. <Han> And you did the right thing reporting it to arch. <aris> I've heard about this bug before, iirc it's not something new <lod> mhh ok, soo it's not an upstream bug like seth suggested? <aris> nope it's an integration bug, if sshd can't syslog, it's a problem with the distribution or the sandboxing <aris> but I find it weird to abort with corefile especially during authentication. Some secrets may be in the process memory dump <Piru> well, technically if sshd can't syslog it should still not crash like that IMHO - but terminate in more controlled manner <Piru> ah it's unhandled signal -- well either way more controlled processing of it would be nice thing to have <aris> problem is that if it didn't crash, the error would leave no trace on the system and that's bad too <henk> process exit code would exist which should be handled by the system’s service management tools or the user trying to run sshd |
This task depends upon
Closed by Giancarlo Razzolini (grazzolini)
Thursday, 02 September 2021, 00:57 GMT
Reason for closing: Fixed
Thursday, 02 September 2021, 00:57 GMT
Reason for closing: Fixed
Comment by
Giancarlo Razzolini (grazzolini) -
Wednesday, 01 September 2021, 15:29 GMT
Comment by
Evangelos Foutras (foutrelis) -
Wednesday, 01 September 2021, 15:45 GMT
Does this still happen with 8.7? We noticed coredumps on Arch
servers but they stopped happening after 8.7.
Definitely seems like this bug which was fixed in 8.7:
https://bugzilla.mindrot.org/show_bug.cgi?id=3286