authorDamien Miller <djm@mindrot.org>2012-07-31 12:21:34 +1000
committerDamien Miller <djm@mindrot.org>2012-07-31 12:21:34 +1000
commit5a5c2b9063fc3d7315424702b01527ccb0d4c0c9 (patch)
tree6bee6b7c37627e0c40544783400285c51d656348
parent709a1e90d9cfb7a0e8cdf57fa967d163c010a6bb (diff)
- djm@cvs.openbsd.org 2012/07/10 02:19:15
[servconf.c servconf.h sshd.c sshd_config] Turn on systrace sandboxing of pre-auth sshd by default for new installs by shipping a config that overrides the current UsePrivilegeSeparation=yes default. Make it easier to flip the default in the future by adding too.
-rw-r--r--ChangeLog5
-rw-r--r--servconf.c9
-rw-r--r--servconf.h4
-rw-r--r--sshd.c4
-rw-r--r--sshd_config4
5 files changed, 16 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index 885a721ff..911b4b114 100644
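--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@
  - jmc@cvs.openbsd.org 2012/07/06 06:38:03
  [ssh-keygen.c]
  missing full stop in usage();
+ - djm@cvs.openbsd.org 2012/07/10 02:19:15
+ [servconf.c servconf.h sshd.c sshd_config]
+ Turn on systrace sandboxing of pre-auth sshd by default for new installs
+ by shipping a config that overrides the current UsePrivilegeSeparation=yes
+ default. Make it easier to flip the default in the future by adding too.
 
 20120720
  - (dtucker) Import regened moduli file.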
diff --git a/servconf.c b/servconf.c
index eccfbad48..427bdeef1 100644
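--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.227 2012/06/19 18:25:27 markus Exp $ */
+/* $OpenBSD: servconf.c,v 1.228 2012/07/10 02:19:15 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  * All rights reserved
@@ -285,7 +285,7 @@ fill_default_server_options(ServerOptions *options)
  options->version_addendum = xstrdup("");
  /* Turn privilege separation on by default */
  if (use_privsep == -1)
- use_privsep = PRIVSEP_ON;
+ use_privsep = PRIVSEP_NOSANDBOX;
 
 #ifndef HAVE_MMAP
  if (use_privsep && options->compression == 1) {
@@ -770,8 +770,9 @@ static const struct multistate multistate_gatewayports[] = {
  { NULL, -1 }
 };
 static const struct multistate multistate_privsep[] = {
- { "sandbox", PRIVSEP_SANDBOX },
- { "yes", PRIVSEP_ON },
+ { "yes", PRIVSEP_NOSANDBOX },
+ { "sandbox", PRIVSEP_ON },
+ { "nosandbox", PRIVSEP_NOSANDBOX },
  { "no", PRIVSEP_OFF },
  { NULL, -1 }
 };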
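Review bot: The keyword table in the last hunk maps `"yes"` to `PRIVSEP_NOSANDBOX` and `"sandbox"` to `PRIVSEP_ON`, so the constant named ON no longer matches the keyword an administrator reads as "on", and nothing in the new code says so. A comment above `multistate_privsep[]` would stop a later reader from assuming `PRIVSEP_ON` is the unsandboxed mode, for example `/* "yes" is an alias for "nosandbox"; PRIVSEP_ON means privsep with the pre-auth sandbox */`. The existing comment in fill_default_server_options still reads "Turn privilege separation on by default" while the assignment now picks `PRIVSEP_NOSANDBOX`; `/* Default to privilege separation without the sandbox */` would match the code. The bare defines in servconf.h and the `use_privsep == PRIVSEP_ON` test in sshd.c depend on the same unstated meaning. fill_default_server_options starts and ends outside the hunk shown.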
diff --git a/servconf.h b/servconf.h
index c2eeed665..096d596d7 100644
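--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.102 2012/06/19 18:25:28 markus Exp $ */
+/* $OpenBSD: servconf.h,v 1.103 2012/07/10 02:19:15 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -39,7 +39,7 @@
 /* use_privsep */
 #define PRIVSEP_OFF 0
 #define PRIVSEP_ON 1
-#define PRIVSEP_SANDBOX 2
+#define PRIVSEP_NOSANDBOX 2
 
 #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */
 #define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */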
diff --git a/sshd.c b/sshd.c
index 64b846f6c..9aff5e8af 100644
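--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.392 2012/06/30 14:35:09 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.393 2012/07/10 02:19:15 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -635,7 +635,7 @@ privsep_preauth(Authctxt *authctxt)
  /* Store a pointer to the kex for later rekeying */
  pmonitor->m_pkex = &xxx_kex;
 
- if (use_privsep == PRIVSEP_SANDBOX)
+ if (use_privsep == PRIVSEP_ON)
  box = ssh_sandbox_init();
  pid = fork();
  if (pid == -1) {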
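Review bot: In the second hunk the result of `ssh_sandbox_init()` is assigned to `box` and the code goes straight to `fork()` with no visible check. Now that the shipped sshd_config selects this path, it matters that a failed initialisation stops the connection instead of leaving the pre-auth child unsandboxed. privsep_preauth starts and ends outside the hunk, so the check may exist there or inside ssh_sandbox_init() itself. If it does, a comment at the call would record the contract, for example `/* ssh_sandbox_init() does not return on failure; the child must never run unsandboxed when "sandbox" was requested */`.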
diff --git a/sshd_config b/sshd_config
index ec3ca2afc..9424ee2c6 100644
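--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
-# $OpenBSD: sshd_config,v 1.86 2012/04/12 02:43:55 djm Exp $
+# $OpenBSD: sshd_config,v 1.87 2012/07/10 02:19:15 djm Exp $
 
 # This is the sshd server system-wide configuration file. See
 # sshd_config(5) for more information.
@@ -99,7 +99,7 @@ AuthorizedKeysFile .ssh/authorized_keys
 #PrintLastLog yes
 #TCPKeepAlive yes
 #UseLogin no
-#UsePrivilegeSeparation yes
+UsePrivilegeSeparation sandbox # Default for new installations.
 #PermitUserEnvironment no
 #Compression delayed
 #ClientAliveInterval 0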
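Review bot: The trailing comment on the new `UsePrivilegeSeparation sandbox` line says only "Default for new installations" and does not tell an administrator what an upgraded host gets. Going by the servconf.c hunks in this commit, an absent directive still resolves to `PRIVSEP_NOSANDBOX` and `yes` maps to the same value, so a host that keeps its old sshd_config runs the pre-auth child without the sandbox. I would spell that out, e.g. `# Default for new installations; if unset, the built-in default is "yes" (privsep without sandbox).`, so that audits of existing hosts know to look for an explicit `sandbox` setting.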