[Bug 231172] [sshd] ssh login fails if server is set sysctl kern.trap_enotcap=1
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Oct 6 21:33:51 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231172
--- Comment #3 from commit-hook at freebsd.org ---
A commit references this bug:
Author: emaste
Date: Sat Oct 6 21:32:58 UTC 2018
New revision: 339216
URL: https://svnweb.freebsd.org/changeset/base/339216
Log:
sshd: address capsicum issues
* Add a wrapper to proxy login_getpwclass(3) as it is not allowed in
capability mode.
* Cache timezone data via caph_cache_tzdata() as we cannot access the
timezone file.
* Reverse resolve hostname before entering capability mode.
PR: 231172
Submitted by: naito.yuichiro at gmail.com
Reviewed by: cem, des
Approved by: re (rgrimes)
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D17128
Changes:
head/crypto/openssh/auth2.c
head/crypto/openssh/monitor.c
head/crypto/openssh/monitor.h
head/crypto/openssh/monitor_wrap.c
head/crypto/openssh/monitor_wrap.h
head/crypto/openssh/sandbox-capsicum.c
head/crypto/openssh/sshbuf-getput-basic.c
head/crypto/openssh/sshbuf.h
head/crypto/openssh/sshd.c
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list