Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1997: Re: SSH LocalForward

Re: SSH LocalForward

Sevo Stille (sevoinm.de)
Sun, 3 Aug 1997 13:49:11 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jeff Epler: "Linux clone() looks safe (Re: Vulnerability in 4.4BSD rfork()"
Previous message: Sevo Stille: "Re: SSH LocalForward"
Maybe in reply to: Nicolas Dubee: "SSH LocalForward"
Next in thread: long-morrowCS.YALE.EDU: "Re: SSH LocalForward"

- the
> more reasonable method is to move the check into add_local_forward():
>
>  --- readconf.c  Sun Aug  3 00:55:40 1997
> +++ readconf.c.orig     Sun Aug  3 00:57:21 1997

Arrgh. As Jon Lewis correctly pointed out, the patch is reversed and could
do with some cleanup.

--- readconf.c.orig     Sun Aug  3 00:57:21 1997
+++ readconf.c  Sun Aug  3 13:20:08 1997
 -204,6 +204,10 
   Forward *fwd;
   if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
     fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
+  if (port < 1024 && original_real_uid != UID_ROOT)
+  {
+     fatal("Privileged ports can only be forwarded by root.\n");
+  }
   fwd = &options->local_forwards[options->num_local_forwards++];
   fwd->port = port;
   fwd->host = xstrdup(host);


Sevo

Next message: Jeff Epler: "Linux clone() looks safe (Re: Vulnerability in 4.4BSD rfork()"
Previous message: Sevo Stille: "Re: SSH LocalForward"
Maybe in reply to: Nicolas Dubee: "SSH LocalForward"
Next in thread: long-morrowCS.YALE.EDU: "Re: SSH LocalForward"