From owner-freebsd-security Tue Jun 25 2:46:49 2002 Delivered-To: freebsd-security@freebsd.org Received: from itesec.hsc.fr (itesec.hsc.fr [192.70.106.33]) by hub.freebsd.org (Postfix) with ESMTP id A2DC037B675 for ; Tue, 25 Jun 2002 02:46:36 -0700 (PDT) Received: from lise.hsc.fr (lise.hsc.fr [192.70.106.67]) by itesec.hsc.fr (Postfix) with ESMTP id E69B520FA8 for ; Tue, 25 Jun 2002 11:46:35 +0200 (CEST) Received: by lise.hsc.fr (Postfix, from userid 1000) id 7A9D417A859; Tue, 25 Jun 2002 11:49:01 +0200 (CEST) Date: Tue, 25 Jun 2002 11:49:01 +0200 From: Thomas Seyrat To: freebsd-security@FreeBSD.ORG Subject: Re: How to check if "UsePrivilegeSeparation" works in OpenSSH? Message-ID: <20020625094900.GA13755@lise.hsc.fr> Mail-Followup-To: freebsd-security@FreeBSD.ORG References: <20020625195333.U69343-100000@a2> <902312FB-8813-11D6-919D-0030654D97EC@patpro.net> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline In-Reply-To: <902312FB-8813-11D6-919D-0030654D97EC@patpro.net> User-Agent: Mutt/1.4i Organization: HSC (Herve Schauer Consultants) X-Operating-System: Debian/GNU/* 3.0 - Linux 2.4.19-pre10-ben0 ppc Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org patpro wrote: > >I don't see the [priv] bit on the second one. > >Can you confirm with lsof that the chroot has taken effect? > well in fact no, nothing about /var/empty in lsof While sshd is waiting for password, I have : sshd 32666 0,0 0,3 3496 1596 ?? I 11:42 0:00,09 sshd: seyrat [net] (sshd) and lsof -p 32666 | grep rtd gives : sshd 32666 sshd rtd VDIR 13,131078 512 4 /var/empty This untrusted sshd process is indeed correctly chrooted. -- Thomas Seyrat. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message