Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Users
Chroot: sshd bug ? user redirects to root folder.
ric.castellani at alice
Feb 27, 2011, 8:21 AM
Post #1 of 4 (5900 views)
Permalink
I installed openssh-5.6p1 into my Fedora server and I run this service into
chroot mode.
I think to have found out a BUG into this package, specifically into sshd
service:

if remote user tries to connect to this service, where its home directory is
unaccessible because it doesn't respect right permissions (execution
permission of owner is missed or home directory is missing), he comes
automatically into root folder of chroot.
I think sshd should have to deny this login or at least sshd_config should
have to contain the option to set this specifc behaviour; for example into
Fedora distributions, there is "DEFAULT_HOME" option in /etc/login.defs file
to permit this behaviour.
Yes it's true, I can restrict access to specific users or use PAM module,
but for security reasons I need to make sure myself to restrict access ONLY
to home folder of user.
I also could use PAM modules, but it's only available pam_mkhomedir.so which
creates home folder if this one is not existing; I need pam_homecheck.so but
it's available only as package for OpenSuse.
Suggestions ?
Re: Chroot: sshd bug ? user redirects to root folder. [ In reply to ]
nasarov at gmail
Feb 27, 2011, 9:45 AM
Post #2 of 4 (5650 views)
Permalink
On Feb 27, 2011, at 5:21 PM, Riccardo Castellani wrote:

> I installed openssh-5.6p1 into my Fedora server and I run this service into chroot mode.
> I think to have found out a BUG into this package, specifically into sshd service:
>
> if remote user tries to connect to this service, where its home directory is unaccessible because it doesn't respect right permissions (execution permission of owner is missed or home directory is missing), he comes automatically into root folder of chroot.

It's not a bug, it's a feature ;) (c)

> I think sshd should have to deny this login or at least sshd_config should have to contain the option to set this specifc behaviour; for example into Fedora distributions, there is "DEFAULT_HOME" option in /etc/login.defs file to permit this behavior.

No.

> Yes it's true, I can restrict access to specific users or use PAM module, but for security reasons I need to make sure myself to restrict access ONLY to home folder of user.
> I also could use PAM modules, but it's only available pam_mkhomedir.so which creates home folder if this one is not existing; I need pam_homecheck.so but it's available only as package for OpenSuse.
> Suggestions ?
Re: Chroot: sshd bug ? user redirects to root folder. [ In reply to ]
ric.castellani at alice
Feb 27, 2011, 10:58 AM
Post #3 of 4 (5666 views)
Permalink
There is no possibility to implement this mechanism ?

----- Original Message -----
From: "Dennis Nasarov" <nasarov@gmail.com>
To: "Riccardo Castellani" <ric.castellani@alice.it>
Cc: <secureshell@securityfocus.com>
Sent: Sunday, February 27, 2011 6:45 PM
Subject: Re: Chroot: sshd bug ? user redirects to root folder.



On Feb 27, 2011, at 5:21 PM, Riccardo Castellani wrote:

> I installed openssh-5.6p1 into my Fedora server and I run this service
> into chroot mode.
> I think to have found out a BUG into this package, specifically into sshd
> service:
>
> if remote user tries to connect to this service, where its home directory
> is unaccessible because it doesn't respect right permissions (execution
> permission of owner is missed or home directory is missing), he comes
> automatically into root folder of chroot.

It's not a bug, it's a feature ;) (c)

> I think sshd should have to deny this login or at least sshd_config should
> have to contain the option to set this specifc behaviour; for example into
> Fedora distributions, there is "DEFAULT_HOME" option in /etc/login.defs
> file to permit this behavior.

No.

> Yes it's true, I can restrict access to specific users or use PAM module,
> but for security reasons I need to make sure myself to restrict access
> ONLY to home folder of user.
> I also could use PAM modules, but it's only available pam_mkhomedir.so
> which creates home folder if this one is not existing; I need
> pam_homecheck.so but it's available only as package for OpenSuse.
> Suggestions ?
Re: Chroot: sshd bug ? user redirects to root folder. [ In reply to ]
raja1.it.consultant at gmail
Feb 28, 2011, 2:18 AM
Post #4 of 4 (5651 views)
Permalink
In my perspective, its not a security issue, because, user will have
access to root folder of chrooted environment and it doesn't let the
user go out of the chrooted directory,right?

It's like a normal user have access to root folder on a system.

+Raja

On 2/27/2011 9:51 PM, Riccardo Castellani wrote:
> I installed openssh-5.6p1 into my Fedora server and I run this service
> into chroot mode.
> I think to have found out a BUG into this package, specifically into
> sshd service:
>
> if remote user tries to connect to this service, where its home
> directory is unaccessible because it doesn't respect right permissions
> (execution permission of owner is missed or home directory is
> missing), he comes automatically into root folder of chroot.
> I think sshd should have to deny this login or at least sshd_config
> should have to contain the option to set this specifc behaviour; for
> example into Fedora distributions, there is "DEFAULT_HOME" option in
> /etc/login.defs file to permit this behaviour.
> Yes it's true, I can restrict access to specific users or use PAM
> module, but for security reasons I need to make sure myself to
> restrict access ONLY to home folder of user.
> I also could use PAM modules, but it's only available pam_mkhomedir.so
> which creates home folder if this one is not existing; I need
> pam_homecheck.so but it's available only as package for OpenSuse.
> Suggestions ?
>

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal