Date: 25 Jul 2002 15:00:16 +0200 From: Dag-Erling Smorgrav <des@ofug.org> To: Tony Finch <dot@dotat.at> Cc: dinoex@freebsd.org, freebsd-security@freebsd.org Subject: Re: sshd privsep dns lookup bug Message-ID: <xzpd6tcotcv.fsf@flood.ping.uio.no> In-Reply-To: <20020724163447.B8886@chiark.greenend.org.uk> References: <20020724163447.B8886@chiark.greenend.org.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Tony Finch <dot@dotat.at> writes: > The call to get_canonical_hostname() at line 145 of the FreeBSD version > of openssh-portable causes problems with privilege separation. It happens > to be the first call to the resolver, but because the code is running > chrooted at that point, it cannot read /etc/resolv.conf so fails to > initialize itself correctly. This causes the DNS lookup to fail, and > in some configurations to hang for half a minute. Thank you. I will look into it ASAP. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpd6tcotcv.fsf>