[prev in list] [next in list] [prev in thread] [next in thread] 

List:       secure-shell
Subject:    issue with 3.4.p1
From:       list <list () 0ff ! org>
Date:       2002-06-27 22:37:06
[Download RAW message or body]

Hello,

Ok..this is a linux box running kernel 2.4.18 with a few grsecurity mods ..none that \
include the option for users to not open sockets (just in case you ask)

I have installed :   sshd version OpenSSH_3.4p1
I have sshd:sshd user/grp on my box as well as /var/empty owned by root:root
drwx------    2 root     root         1024 Jun 27 14:54 empty/
I used the follwing compile options:   ./configure --with-md5-passwords --with-pam \
--with-tcp-wrappers --with-privsep-user=sshd

I restarted sshd after the install..

and here is what happens:

this is the output as a user is connecting, prior to any passwd being entered:


[root@0ff var]# ps waux | grep sshd | grep -v grep
root     25429  0.0  0.1  2752 1344 ?        S    15:12   0:00 sshd
root     22683  0.3  0.2  3216 1780 ?        S    17:33   0:00 sshd
sshd     31252  1.5  0.2  2980 1688 ?        S    17:33   0:00 sshd
[root@0ff var]# lsof -p 31252
COMMAND   PID USER   FD   TYPE     DEVICE    SIZE   NODE NAME
sshd    31252 root  cwd    DIR        3,5    1024 946359 /var/empty
sshd    31252 root  rtd    DIR        3,5    1024 946359 /var/empty



--

Notice that the pid is owned by sshd, but an lsof of the file indicates that that the \
open files are owned by root..

This is inconsistent with what V3.3.p1 showed me under the same circumstances, and Im \
guessing not what I want to be happeneing.. I have a friend that has done exactly \
what I did, and his lsof of the pid shows the user as sshd..

Any help to resolve this would be appreciated..thanks in advance

list

PS: the pid #s are are that way due to grsecurity option to randomize pid #s (pay no \
attn)


[prev in list] [next in list] [prev in thread] [next in thread]