From owner-freebsd-stable@FreeBSD.ORG Mon Jun 24 22:50:56 2013 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 8DD7BF6F for ; Mon, 24 Jun 2013 22:50:56 +0000 (UTC) (envelope-from jdc@koitsu.org) Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net [217.70.183.197]) by mx1.freebsd.org (Postfix) with ESMTP id 4CE8413C1 for ; Mon, 24 Jun 2013 22:50:56 +0000 (UTC) Received: from mfilter20-d.gandi.net (mfilter20-d.gandi.net [217.70.178.148]) by relay5-d.mail.gandi.net (Postfix) with ESMTP id 9280141C051; Tue, 25 Jun 2013 00:50:39 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mfilter20-d.gandi.net Received: from relay5-d.mail.gandi.net ([217.70.183.197]) by mfilter20-d.gandi.net (mfilter20-d.gandi.net [10.0.15.180]) (amavisd-new, port 10024) with ESMTP id iPvvDUoUETtQ; Tue, 25 Jun 2013 00:50:37 +0200 (CEST) X-Originating-IP: 76.102.14.35 Received: from jdc.koitsu.org (c-76-102-14-35.hsd1.ca.comcast.net [76.102.14.35]) (Authenticated sender: jdc@koitsu.org) by relay5-d.mail.gandi.net (Postfix) with ESMTPSA id 9179C41C06F; Tue, 25 Jun 2013 00:50:37 +0200 (CEST) Received: by icarus.home.lan (Postfix, from userid 1000) id 920BF73A1C; Mon, 24 Jun 2013 15:50:34 -0700 (PDT) Date: Mon, 24 Jun 2013 15:50:34 -0700 From: Jeremy Chadwick To: d@delphij.net Subject: Re: Another bug in SSH in FreeBSD 8.4 (sftp cannot create relative symlinks) Message-ID: <20130624225034.GA8873@icarus.home.lan> References: <51C4DBFE.1010809@quip.cz> <51C4F5D4.6000802@delphij.net> <51C8C400.7080009@quip.cz> <51C8C9E8.9050507@delphij.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <51C8C9E8.9050507@delphij.net> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-stable@FreeBSD.org, Miroslav Lachman <000.fbsd@quip.cz> X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jun 2013 22:50:56 -0000 On Mon, Jun 24, 2013 at 03:36:24PM -0700, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 06/24/13 15:11, Miroslav Lachman wrote: > [...] > > The patch seems really simple and I know how to apply it, but I am > > not able to compile and install only fixed sftp command instead of > > the whole userland. Can you push me to the right direction? > > I think you can go to /usr/src/secure/usr.bin/sftp and do: > > make depend > make > > Then, as root: > > make install > > I usually do a full world build to make sure that this doesn't break > something else but this change should only affect sftp(1). I'm going to make this real simple: Is the problem with symlinks in the client (sftp(1)), in the server (sftp-server(8)), or both? The impression I get from the original post that started this thread is that it's in the server part. So, I believe he'd want to poke about in src/secure/libexec/sftp-server. However, that may not be enough, due to the fact that sftp-server(8) depends (links to) libssh.so.X, libcrypt.so.X, and libcrypto.so.X. I do not know where the actual broken code lies. Someone on -security might know exactly what all needs to be built/what commands need to be run, but I will tell you this up front: The official security announcements for SSL or SSH-related things have historically told people to build world. I went and read the mailing list archives for -security-announcements and found proof/examples of this fact when issues pertain to SSL or SSH. My recommendation is just to build world. Don't risk it -- this is a key piece of your system, all you're trying to do is save some time. Don't. Just build/install world and don't screw around. -- | Jeremy Chadwick jdc@koitsu.org | | UNIX Systems Administrator http://jdc.koitsu.org/ | | Making life hard for others since 1977. PGP 4BD6C0CB |