Date: Sat, 06 Oct 2018 21:33:48 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 231172] [sshd] ssh login fails if server is set sysctl kern.trap_enotcap=1 Message-ID: <bug-231172-227-bvQ5fUuT9s@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-231172-227@https.bugs.freebsd.org/bugzilla/> References: <bug-231172-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231172 --- Comment #3 from commit-hook@freebsd.org --- A commit references this bug: Author: emaste Date: Sat Oct 6 21:32:58 UTC 2018 New revision: 339216 URL: https://svnweb.freebsd.org/changeset/base/339216 Log: sshd: address capsicum issues * Add a wrapper to proxy login_getpwclass(3) as it is not allowed in capability mode. * Cache timezone data via caph_cache_tzdata() as we cannot access the timezone file. * Reverse resolve hostname before entering capability mode. PR: 231172 Submitted by: naito.yuichiro@gmail.com Reviewed by: cem, des Approved by: re (rgrimes) MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D17128 Changes: head/crypto/openssh/auth2.c head/crypto/openssh/monitor.c head/crypto/openssh/monitor.h head/crypto/openssh/monitor_wrap.c head/crypto/openssh/monitor_wrap.h head/crypto/openssh/sandbox-capsicum.c head/crypto/openssh/sshbuf-getput-basic.c head/crypto/openssh/sshbuf.h head/crypto/openssh/sshd.c -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-231172-227-bvQ5fUuT9s>