Secure Shell
Chroot: sshd bug ? user redirects to root folder. Feb 27 2011 04:21PM
Riccardo Castellani (ric castellani alice it) (2 replies)
I installed openssh-5.6p1 into my Fedora server and I run this service into
chroot mode.
I think to have found out a BUG into this package, specifically into sshd
service:

if remote user tries to connect to this service, where its home directory is
unaccessible because it doesn't respect right permissions (execution
permission of owner is missed or home directory is missing), he comes
automatically into root folder of chroot.
I think sshd should have to deny this login or at least sshd_config should
have to contain the option to set this specifc behaviour; for example into
Fedora distributions, there is "DEFAULT_HOME" option in /etc/login.defs file
to permit this behaviour.
Yes it's true, I can restrict access to specific users or use PAM module,
but for security reasons I need to make sure myself to restrict access ONLY
to home folder of user.
I also could use PAM modules, but it's only available pam_mkhomedir.so which
creates home folder if this one is not existing; I need pam_homecheck.so but
it's available only as package for OpenSuse.
Suggestions ?

[ reply ]
Re: Chroot: sshd bug ? user redirects to root folder. Feb 28 2011 10:18AM
Raja (raja1 it consultant gmail com)
Re: Chroot: sshd bug ? user redirects to root folder. Feb 27 2011 05:45PM
Dennis Nasarov (nasarov gmail com) (1 replies)
Re: Chroot: sshd bug ? user redirects to root folder. Feb 27 2011 06:58PM
Riccardo Castellani (ric castellani alice it)


 

Privacy Statement
Copyright 2010, SecurityFocus