Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 14 Nov 2000 17:33:05 +0000
From:      Brian Somers <brian@Awfulhak.org>
To:        Brian Feldman <green@FreeBSD.org>
Cc:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@Awfulhak.org, kris@FreeBSD.org
Subject:   Re: cvs commit: src/etc/defaults make.conf src/secure/usr.bin/ssh Makefile 
Message-ID:  <200011141733.eAEHX6Y01932@hak.lan.Awfulhak.org>
In-Reply-To: Message from Brian Feldman <green@FreeBSD.org>  of "Mon, 13 Nov 2000 20:42:25 PST." <200011140442.UAA44924@freefall.freebsd.org> 

next in thread | previous in thread | raw e-mail | index | archive | help
> green       2000/11/13 20:42:25 PST
> 
>   Modified files:
>     etc/defaults         make.conf 
>     secure/usr.bin/ssh   Makefile 
>   Log:
>   Disable /usr/bin/ssh being setuid root by default.  Let the variable
>   ENABLE_SUID_SSH being defined reenable it for those that want it.
>   
>   This follows discussion favoring the change from September.  It
>   is not usually necessary to be setuid root, possibly less safe,
>   and less convenient (cannot use $HOSTALIASES, for example).
>   
>   Submitted by:	jedgar
>   
>   Revision  Changes    Path
>   1.132     +4 -1      src/etc/defaults/make.conf
>   1.11      +3 -1      src/secure/usr.bin/ssh/Makefile

Is this documented ?

I only ask because I sent kris a patch for this nearly two months 
ago.  I would have committed it myself except that he explicitly 
asked me to pass the change by him.

I quote my mail for your viewing pleasure:

: Return-Path: brian@hak.lan.Awfulhak.org
: Delivery-Date: Sat Sep 16 02:44:14 2000
: Return-Path: <brian@hak.lan.Awfulhak.org>
: Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
: 	by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e8G1iDn01594;
: 	Sat, 16 Sep 2000 02:44:13 +0100 (BST)
: 	(envelope-from brian@hak.lan.Awfulhak.org)
: Message-Id: <200009160144.e8G1iDn01594@hak.lan.Awfulhak.org>
: X-Mailer: exmh version 2.1.1 10/15/1999
: To: Kris Kennaway <kris@FreeBSD.org>
: cc: Brian Somers <brian@Awfulhak.org>
: Subject: Re: setuid ssh should die 
: Mime-Version: 1.0
: Content-Type: text/plain; charset=us-ascii
: Date: Sat, 16 Sep 2000 02:44:12 +0100
: From: Brian Somers <brian@Awfulhak.org>
: 
: Hi, remember this ? :-)
: 
: > I have no problems making ssh non-suid by default since most people dont
: > use RhostsRSAAuthentication.
: > 
: > Since I have ssh changes in the works please send me the patches and I'll
: > apply them after the upgrade. Please add information to the manpage on how
: > to fix it, and a helpful error telling them what to do when the user tries
: > to use it.
: 
: How about this patch ?
: 
: Cheers.
: -- 
: Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
:       <http://www.Awfulhak.org>;                   <brian@[uk.]OpenBSD.org>
: Don't _EVER_ lose your sense of humour !
: 
: Index: crypto/openssh/ssh.1
: ===================================================================
: RCS file: /home/ncvs/src/crypto/openssh/ssh.1,v
: retrieving revision 1.15
: diff -u -r1.15 ssh.1
: --- crypto/openssh/ssh.1	2000/09/10 09:35:38	1.15
: +++ crypto/openssh/ssh.1	2000/09/16 01:41:59
: @@ -465,6 +465,11 @@
:  .Cm RhostsAuthentication
:  and
:  .Cm RhostsRSAAuthentication .
: +.Pp
: +If
: +.Nm
: +is not installed as a setuid binary, this option is enforced for non-root
: +users.
:  .It Fl q
:  Quiet mode.
:  Causes all warning and diagnostic messages to be suppressed.
: @@ -882,6 +887,23 @@
:  .Dq yes
:  or
:  .Dq no .
: +.Pp
: +If 
: +.Nm
: +is not installed as a setuid binary, this option is disabled for non-root
: +users.
: +.Nm
: +can be made setuid by either running
: +.Pp
: +.Dl chown root /usr/bin/ssh
: +.Dl chmod 4555 /usr/bin/ssh
: +.Pp
: +or if you wish to do a source installation, setting
: +.Dv ENABLE_SUIDSSH
: +to
: +.Dq true
: +in
: +.Pa /etc/make.conf .
:  .It Cm RSAAuthentication
:  Specifies whether to try RSA authentication.
:  The argument to this keyword must be
: @@ -892,6 +914,13 @@
:  attempted if the identity file exists, or an authentication agent is
:  running.
:  Note that this option applies to protocol version 1 only.
: +.Pp
: +If 
: +.Nm
: +is not installed as a setuid binary, this option is disabled for non-root
: +users (see
: +.Cm RhostsRSAAuthentication
: +above).
:  .It Cm SkeyAuthentication
:  Specifies whether to use
:  .Xr skey 1
: Index: crypto/openssh/ssh_config
: ===================================================================
: RCS file: /home/ncvs/src/crypto/openssh/ssh_config,v
: retrieving revision 1.6
: diff -u -r1.6 ssh_config
: --- crypto/openssh/ssh_config	2000/09/10 09:35:38	1.6
: +++ crypto/openssh/ssh_config	2000/09/16 01:22:21
: @@ -17,8 +17,8 @@
:  # Host *
:  #   ForwardAgent yes
:  #   ForwardX11 yes
: -#   RhostsAuthentication yes
: -#   RhostsRSAAuthentication yes
: +#   RhostsAuthentication yes	# Unless ENABLE_SUIDSSH=true in /etc/make.conf
: +#   RhostsRSAAuthentication yes	# (the default), these two options are disabled.
:  #   RSAAuthentication yes
:  #   PasswordAuthentication yes
:  #   FallBackToRsh no
: Index: secure/usr.bin/ssh/Makefile
: ===================================================================
: RCS file: /home/ncvs/src/secure/usr.bin/ssh/Makefile,v
: retrieving revision 1.10
: diff -u -r1.10 Makefile
: --- secure/usr.bin/ssh/Makefile	2000/09/10 09:43:29	1.10
: +++ secure/usr.bin/ssh/Makefile	2000/09/15 21:02:09
: @@ -4,8 +4,12 @@
:  SSHSRC=	${.CURDIR}/../../../crypto/openssh
:  
:  PROG=	ssh
: +.if defined(ENABLE_SUIDSSH) && \
: +	((${ENABLE_SUIDSSH} == "yes") || (${ENABLE_SUIDSSH} == "YES") || \
: +	 (${ENABLE_SUIDSSH} == "true") || (${ENABLE_SUIDSSH} == "TRUE"))
:  BINOWN=	root
:  BINMODE=4555
: +.endif
:  MAN1=	ssh.1
:  LINKS=	${BINDIR}/ssh ${BINDIR}/slogin
:  MLINKS=	ssh.1 slogin.1
: Index: etc/defaults/make.conf
: ===================================================================
: RCS file: /home/ncvs/src/etc/defaults/make.conf,v
: retrieving revision 1.121
: diff -u -r1.121 make.conf
: --- etc/defaults/make.conf	2000/09/10 00:09:34	1.121
: +++ etc/defaults/make.conf	2000/09/15 07:15:46
: @@ -46,6 +46,9 @@
:  # To enable building enstalling suidperl with the setuid bit turned on
:  #ENABLE_SUIDPERL=	true
:  #
: +# To install ssh setuid-root (thus allowing FallBackToRsh to work)
: +#ENABLE_SUIDSSH=	true
: +#
:  # To build perl with thread support
:  #PERL_THREADED=	true
:  #
: 
: 

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>;                   <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011141733.eAEHX6Y01932>