Le vendredi 10 dÃcembre 2004 Ã 02:49 -0800, Jamie Zawinski a Ãcrit :
> Filiciano Matias wrote:
> >
> > What does this command :
> > $ cat /proc/`/sbin/pidof ssh-agent`/status | egrep "^Gid"
> > Gid: 100 100 99 100
> > ^ 99 : nobody
> >
> > Have you kill the previous ssh-agent process ?
>
> Yes, defintely.
>
> Gid: 500 500 500 500
>
> 500 = user jwz and group jwz.
>
"chmod g-s /usr/bin/ssh-agent" and add this patch :
diff -urN openssh-3.9p1.orig/ssh-agent.c openssh-3.9p1/ssh-agent.c
--- openssh-3.9p1.orig/ssh-agent.c 2004-08-13 13:18:01.000000000 +0200
+++ openssh-3.9p1/ssh-agent.c 2004-12-10 12:10:36.267810158 +0100
@@ -1022,11 +1022,6 @@
setegid(getgid());
setgid(getgid());
-#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
- /* Disable ptrace on Linux without sgid bit */
- prctl(PR_SET_DUMPABLE, 0);
-#endif
-
SSLeay_add_all_algorithms();
__progname = ssh_get_progname(av[0]);
Perhaps it's not a good idea.
from linux/prctl.h :
/* Get/set current->mm->dumpable */
#define PR_GET_DUMPABLE 3
#define PR_SET_DUMPABLE 4
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
