I was reviewing the openssh.spec file that is within the CURRENT revision of openssh and I wanted to open up a discussion about the default pathing. When the latest openssh security patch was released, our instance of openssh broke on solaris when using rsync (or any other command really). I'm not too concerned because we're still on openpkg 2.3 and I plan on upgrading when 2.6 comes out. In the current spec file I see the following in regards to default pathing:
%if "%{with_trysetpath}" == "yes"
--enable-etc-default-login \
--with-default-path=%{l_prefix}/bin:/bin:/usr/bin:/usr/local/bin
\
--with-superuser-path=%{l_prefix}/bin:/usr/bin:/sbin:/usr/sbin \
%else
--disable-etc-default-login \
--with-default-path=/bin:/usr/bin \
--with-superuser-path=/bin:/usr/bin:/sbin:/usr/sbin \
%endif
This means that on solaris systems pathing will generally be broken by
default unless with_trysetpath is set to yes due to the
--with-default-path and other related options. As far as I'm aware,
these options are more for security reasons for openssh than they are to
fix default pathing on solaris (or whatever other OS's have the same
problem). My thoughts are that the option in the spec file should be
called "with_securepath" (or just "with_secpath") and it should only be
a single if statement that disables /etc/default/login and sets the
specific paths which should only include %{l_prefix}. It definitely
should not include any sbin paths because part of the reason is to lock
the pathing down if you want a more secure openssh installation. In any
case, I am only one opinion and as I said, I wanted to open this up for
discussion. So, what do the rest of you think?
--
David M. Fetter - Portland State University - UNIX Systems Administrator
"I do not agree with what you have to say, but I'll defend to the death
your right to say it." ~François-Marie Arouet
signature.asc
Description: This is a digitally signed message part
