Re: patch to send incoming key to AuthorizedKeysCommand via stdin

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Scott Duckworth wrote:
> > What's the problem with forking and writing to the pipe from the
> > parent only when it is writable?
> 
> If the child process does not explicitly close stdin then there is no way
> to know if it is actually being read from. All that is known is that you
> can write *some* data to the pipe,

Right, as I wrote, write only when writable.


> but once the pipe's buffer fills up and it is not emptied then

..it will no longer be writable. Does the last write() before buffers
are full return short? If not, only write() a single byte at a time.

I still do not see the problem here.


> timeout

A timeout within any general purpose OS is a heuristic, I don't think
they belong in the authentication path.


> The only safe way to pass the key via a pipe is to require any
> AuthorizedKeysCommand to either explicitly close stdin or consume stdin
> until EOF.

I don't see why.


> there's likely already a lot of commands in use that do neither of these.

So maybe the new semantics deserve a new configuration option, rather
than extending an existing option in a not-so-scalable way?


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux