-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Darren, Thank you for the explanation. As long as a non-privileged user can run sshd (listening on a high-numbered port), my application is OK. SSH is a great tool for those of us concerned about privacy. Your work is really appreciated! Jack Darren Tucker <dtucker@xxxxxxxxxx> wrote: > On Tue, Mar 28, 2017 at 2:23 AM, Jack Dodds > <brmdamon@xxxxxxxxxxxx> wrote: > > > Hello Darren, > > > > Could you comment on this issue being raised by myself and > > Corinna Vinschen? > > > > This will create big problems for me. > > > > I'm not clear if this is a conscious decision supported by solid > > reasons or if it is just collateral damage. > > > > Thank you for all you work! > > > > Jack DoDDs > > > > -------- Original Message -------- > > Date: Mon, 27 Mar 2017 16:31:03 +0200 > > Subject: Re: Announce: OpenSSH 7.5 released > > From: Corinna Vinschen <vinschen@xxxxxxxxxx> > > To: openssh-unix-dev@xxxxxxxxxxx > >= > > On Mar 24 12:38, Jack Dodds wrote: > > > Hello, > > > > > > You seem to be saying that in 7.5, sshd can no longer be run > > > under an ordinary user account. Is that accurate? > > > > Well, yes, that's what the report claims, and it seems correct to > > me. > > > > It's not quite accurate. The issue is that it checks for the > existence of the privsep user and directory even though it does > not use them. If they exist (even if only because you > configure'ed --with-privsep-user and --with-privsep-dir to > point to other existing ones) then it'll work. This is what we > use for the regression tests when SUDO is not set (but because > all our test systems have the user and dir, we never observed > the problem). > > > > > I use sshd running under a user account in Debian Jessie to allow > > > tunnels from remote devices. That capability is crucial to my > > > application. > > > > > > Any comments would be appreciated. > > > > Same here. > > > > Is it really just a bug or is the "non-priv'ed user running sshd" > > scenario going to be unsupported in future? > > > > My opinion: > - running as a non-privileged user should be supported. > - running with privsep disabled (ie one unprivileged process) will not be > supported. > > This will mean that you'll have two sshd processes per > connection running as an unprivileged user, same as you would > for a privileged user. > > Rationale: we want to reduce the code complexity by removing > the !privsep code paths, and some privilege dropping mechanisms > like OpenSBD's pledge can still be employed by unprivileged > code). > > I've just committed a variation on the patch to both HEAD and > the 7.5 branch. > > https://anongit.mindrot.org/openssh.git/commit/?id=d13281f2964abc5f2e535e1613c77fc61b0c53e7 > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJY2xywAAoJEChpvIQG4DsHRngIAIFlboNrrJ8dKoOSFOex6lIy dwH92dF3gsIdHB2Uuya8UElfi+fHl1Rypc3ToDT53lbGJTI3N/ERY7VK5vs69UFz BlKQ8tD+E43VBmM6dqWAIXY2t+DDdOn/pg1zC8sWIxoH/YvKGUp+dqMIHpnjnVyQ DKxQUiv+ygXapJGaNwIe8lFicdxyqerwxXJX9gwbs73iTTEK7sfqK9WGoTox5yqN PORJi73zmjBastFKvO+wDM4F+5xXtX4cH9eufNa/eAouZpIVpUut5MwGbL0LDVNL 8jeolgLZMx/dnBpgy8eezUXnF6e41k0y7Iw0LFmzCYHBGQ82lyn4TxV/BG/+QrQ= =B/Dp -----END PGP SIGNATURE----- _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev