Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread kruskal
Mark Janssen <[EMAIL PROTECTED]> writes:

> On Tue, 2002-06-25 at 15:57, Kruskal wrote:
> > Has anyone applied this update yet?  I did so on a potato box, enabled
> > priv separation in the sshd config file and restarted sshd.  I saw
> > that a user called sshd was created.  However, when I ssh'ed in, I
> > didn't see any processes owned by sshd.  In fact, the ssh daemon
> > process was still owned by root.
> 
> I noticed this as well.. and decided to roll my own version, and include
> a patch for setproctitle support, this to aid debugging.
> 
> It in fact does work, but the 'sshd' process from the 'sshd' user only
> exists before login.

Looks like this is the way it happens under potato as well.  Looking
into it, I see the initial sshd sitting idle created by root.  Then
when I initially connect, but before I am authenticated, a child
process owned by sshd is created.  ps fauwx looks like:

root  8159  1.0  0.6  2544 1228 ?      S  09:20   0:00 /usr/sbin/sshd
root  8162  1.1  0.8  4380 1596 ?      S  09:21   0:00  \_ /usr/sbin/sshd
sshd  8163  5.5  0.7  3964 1472 ?      S  09:21   0:00  \_ /usr/sbin/sshd

Then when I give the password, that sshd owned process goes away, leaving:

root  8159  0.5  0.6  2544 1228 ?      S  09:20   0:00 /usr/sbin/sshd
root  8162  0.2  0.8  5620 1680 ?      S  09:21   0:00  \_ /usr/sbin/sshd
user  8166  0.3  0.9  5632 1752 ?      S  09:21   0:00  \_ /usr/sbin/sshd
user  8167  1.0  0.6  2016 1240 pts/0  S  09:21   0:00  \_ -bash

So it looks to me like priv sep is working on potato.  At this point,
is it safe to open up a public server?

-- 
--Kruskal


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
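
Added example, not part of the original thread: a small Python check that labels each sshd process by its role in the process tree described in the message above, so a connection handled without privilege separation stands out. The role names, the PPID values in the samples and the NO_PRIVSEP listing are assumptions constructed for illustration.

```python
import subprocess

PRIVSEP_USER = "sshd"  # unprivileged account created by the update (per the post)

# Constructed samples in `ps -eo pid,ppid,user,args` layout. PIDs and owners
# follow the listings above; the PPID values and NO_PRIVSEP are assumptions.
PRE_AUTH = """  PID  PPID USER COMMAND
 8159     1 root /usr/sbin/sshd
 8162  8159 root /usr/sbin/sshd
 8163  8162 sshd /usr/sbin/sshd"""
POST_AUTH = """ 8159     1 root /usr/sbin/sshd
 8162  8159 root /usr/sbin/sshd
 8166  8162 user /usr/sbin/sshd
 8167  8166 user -bash"""
NO_PRIVSEP = """ 8159     1 root /usr/sbin/sshd
 8170  8159 root /usr/sbin/sshd
 8171  8170 user -bash"""

def parse_ps(text):
    """Turn ps output into dicts, skipping the header and malformed lines."""
    procs = []
    for line in text.splitlines():
        f = line.split(None, 3)
        if len(f) == 4 and f[0].isdigit() and f[1].isdigit():
            procs.append({"pid": int(f[0]), "ppid": int(f[1]), "user": f[2], "args": f[3]})
    return procs

def classify_sshd(procs):
    """Map each sshd PID to its role in the privilege-separation process tree."""
    # rstrip(":") also matches setproctitle-style names such as "sshd: user@pts/0".
    sshd = {p["pid"]: p for p in procs if p["args"].split()[0].rstrip(":").endswith("sshd")}
    roles = {}
    for pid, p in sshd.items():
        if p["ppid"] not in sshd:
            roles[pid] = "listener"            # root daemon waiting for connections
        elif p["user"] == PRIVSEP_USER:
            roles[pid] = "preauth-child"       # exists only until authentication
        elif p["user"] != "root":
            roles[pid] = "postauth-child"      # runs as the logged-in user
        else:
            # A root per-connection sshd with an sshd child is the monitor; with
            # none it handles the session itself (may also be a root login).
            has_child = any(c["ppid"] == pid for c in sshd.values())
            roles[pid] = "monitor" if has_child else "unseparated"
    return roles

if __name__ == "__main__":
    live = subprocess.run(["ps", "-eo", "pid,ppid,user,args"], capture_output=True, text=True).stdout
    for pid, role in sorted(classify_sshd(parse_ps(live)).items()):
        print(pid, role)
```

A connection caught in the instant between accept and the fork of its pre-auth child can show up briefly as "unseparated", so re-run the check before drawing a conclusion.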



Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Kruskal
Wichert Akkerman <[EMAIL PROTECTED]> writes:

> 
> Debian Security Advisory DSA-134-2   [EMAIL PROTECTED]
> http://www.debian.org/security/ Wichert Akkerman
> June 25, 2002
> 
> 
> 
> Package: ssh
> Problem type   : remote exploit
> Debian-specific: no

Has anyone applied this update yet?  I did so on a potato box, enabled
priv separation in the sshd config file and restarted sshd.  I saw
that a user called sshd was created.  However, when I ssh'ed in, I
didn't see any processes owned by sshd.  In fact, the ssh daemon
process was still owned by root.

Anybody have any thoughts on this?  Does priv sep work in potato?

-- 
--Kruskal

