
[plamo:14401] Re: Plamo3.0 openSSH



> KATOH Yasufumi here.
> 
> >>> On Wed, 26 Jun 2002 10:03:06 +0900
>     in message   "[plamo:14391] Re: Plamo3.0 openSSH"
>                   KATOH Yasufumi-san wrote:
> 
> > A vulnerability has been found in OpenSSH. Details have not been published,
> > and the fix is apparently going into 3.4, but it seems it can be worked
> > around for now by using Privilege Separation in 3.3.

This is a quotation, but on June 25 I received the following information.
---------------------------- from here ---------------------------
SUMMARY

A security vulnerability in OpenSSH has been found. The vulnerability has 
not yet been disclosed, but from the information available up to now, 
enabling OpenSSH's sshd(8) privilege separation feature stops the exploit 
from working properly.

DETAILS

Immune systems:
 * OpenSSH version 3.3p with privilege separation enabled

OpenSSH 3.3p was released a few days ago, with various improvements, but in 
particular it significantly improves the Linux and Solaris support for 
privilege separation. However, it is not yet perfect. Compression is 
disabled on some systems, and the many varieties of PAM are causing 
problems.

However, everyone should update to OpenSSH 3.3 immediately and enable 
privilege separation in their SSH daemons by setting this in your 
/etc/ssh/sshd_config file:
 UsePrivilegeSeparation yes

Depending on what your system is, privilege separation may break some SSH 
functionality. However, with privilege separation turned on, you are 
immune from at least one remote hole.

Note however that OpenSSH version 3.3 does not contain a fix for this 
upcoming bug.

The basic idea behind privilege separation is that OpenSSH sshd(8) has 
something like 27000 lines of code. A lot of them run as root. However, 
when UsePrivilegeSeparation is enabled, the daemon splits into two parts. 
A part containing about 2500 lines of code remains as root, and the rest 
of the code is shoved into a chroot-jail without any privileges. This 
makes the daemon less vulnerable to attack.


ADDITIONAL INFORMATION

The information has been provided by Theo de Raadt 
<mailto:deraadt@cvs.openbsd.org>.
---------------------------- to here ---------------------------

> 
> OpenSSH 3.4 has been released.
>     http://www.openssh.org/
>     http://www.openssh.org/txt/preauth.adv
> 

I installed it (an upgrade from openssh-3.1p1 to openssh-3.4.1p1), but
it will not start, complaining that there is no user sshd.
(Some message to that effect is printed after make.)
I added sshd to /etc/passwd, and while I was at it I also added it to
/etc/group.

-- 早間  yossi@yedo.src.co.jp
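As an added example (not part of the original thread or of OpenSSH), the following POSIX shell check covers both the advisory's instruction to set UsePrivilegeSeparation yes and the start-up failure described in the post above: it reports whether sshd_config enables privilege separation and whether the sshd user and group that the unprivileged child needs are present. The file paths are parameters so it can be run against copies; the defaults are the locations the thread names.

```shell
#!/bin/sh
# Added example, not from the original thread: pre-flight check for running
# sshd with privilege separation. Paths default to the files the thread
# mentions (/etc/ssh/sshd_config, /etc/passwd, /etc/group) but may be
# overridden so the check can run against copies.

# Print the effective UsePrivilegeSeparation value in config file $1.
# sshd honours the first matching keyword, so only the first non-comment
# occurrence counts; "unset" is printed when the keyword is absent.
privsep_setting() {
    awk 'tolower($1) == "useprivilegeseparation" { print tolower($2); found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Succeed if account $1 exists in the passwd/group-style file $2
# (the account name is the first colon-separated field).
account_exists() {
    grep -q "^$1:" "$2"
}

# Run all checks; print one line per problem and return non-zero if any.
check_privsep() {
    cfg=${1:-/etc/ssh/sshd_config}; pw=${2:-/etc/passwd}; gr=${3:-/etc/group}
    rc=0
    setting=$(privsep_setting "$cfg")
    if [ "$setting" != "yes" ]; then
        echo "UsePrivilegeSeparation is '$setting' in $cfg (expected yes)"
        rc=1
    fi
    if ! account_exists sshd "$pw"; then
        echo "no 'sshd' user in $pw: sshd refuses to start with privsep enabled"
        rc=1
    fi
    if ! account_exists sshd "$gr"; then
        echo "no 'sshd' group in $gr"
        rc=1
    fi
    return $rc
}
```

Run `check_privsep` with no arguments to test the live system, or pass config, passwd and group paths to test copies.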
