author | Damien Miller <djm@mindrot.org> | 2011-06-23 08:30:03 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2011-06-23 08:30:03 +1000 |
commit | 69ff1df952eebf0489b775a60ede094eaf596a05 (patch) | |
tree | 6eb76b4632b7c131e0fbb52d8ce7cccf658b6bfa /Makefile.in | |
parent | 82c558761d0fa42dc954d62812b9e4b4a94f64bd (diff) |
- djm@cvs.openbsd.org 2011/06/22 21:57:01
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c]
[sandbox-systrace.c sandbox.h configure.ac Makefile.in]
introduce sandboxing of the pre-auth privsep child using systrace(4).

This introduces a new "UsePrivilegeSeparation=sandbox" option for
sshd_config that applies mandatory restrictions on the syscalls the
privsep child can perform. This prevents a compromised privsep child
from being used to attack other hosts (by opening sockets and proxying)
or probing local kernel attack surface.

The sandbox is implemented using systrace(4) in unsupervised "fast-path"
mode, where a list of permitted syscalls is supplied. Any syscall not
on the list results in SIGKILL being sent to the privsep child. Note
that this requires a kernel with the new SYSTR_POLICY_KILL option.

UsePrivilegeSeparation=sandbox will become the default in the future
so please start testing it now.

feedback dtucker@; ok markus@
Diffstat (limited to 'Makefile.in')
-rw-r--r-- | Makefile.in | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/Makefile.in b/Makefile.in index f5b147619..f64aaac94 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: Makefile.in,v 1.322 2011/05/05 03:48:37 djm Exp $ | 1 | # $Id: Makefile.in,v 1.323 2011/06/22 22:30:03 djm Exp $ |
2 | 2 | ||
3 | # uncomment if you run a non bourne compatable shell. Ie. csh | 3 | # uncomment if you run a non bourne compatable shell. Ie. csh |
4 | #SHELL = @SH@ | 4 | #SHELL = @SH@ |
@@ -89,7 +89,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ | |||
89 | auth2-gss.o gss-serv.o gss-serv-krb5.o \ | 89 | auth2-gss.o gss-serv.o gss-serv-krb5.o \ |
90 | loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ | 90 | loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ |
91 | sftp-server.o sftp-common.o \ | 91 | sftp-server.o sftp-common.o \ |
92 | roaming_common.o roaming_serv.o | 92 | roaming_common.o roaming_serv.o \ |
93 | sandbox-null.o sandbox-rlimit.o sandbox-systrace.o | ||
93 | 94 | ||
94 | MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out | 95 | MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out |
95 | MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 | 96 | MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 |
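Review bot: The added line `sandbox-null.o sandbox-rlimit.o sandbox-systrace.o` puts all three sandbox backends into SSHDOBJS unconditionally, so every platform compiles and links each of them, including sandbox-systrace.o on systems without systrace(4). Each source file therefore has to reduce to an empty object unless configure.ac selected it, and exactly one backend may define the sandbox.h interface in any given build, otherwise the link fails with duplicate or missing symbols; neither guard is visible in this Makefile.in-only view, so check them in the other files of the commit. sandbox-null.o is also added here although sandbox-null.c does not appear in the file list of the commit message, so confirm the source file is actually part of this change. If sandbox-null is the no-op backend its name suggests, it would help for configure to report which backend was chosen, so that a build which lands on it is not mistaken for one that enforces UsePrivilegeSeparation=sandbox.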