Re: priviledge seperation not working like before

On Thu, 13 Feb 2003, list1@0ff.org wrote:

> Hello--

I suspect that one is the parent sshd that listens for new request then you have the 'Prived' and 'Unprived' children (which I assume is pid 254 and 5321). So for one connection you have 3 sshd runninng.. for two you have 5, etc..

> I am at a loss, configure shows no errors, make works, etc.. One thing I

The issue is that setproctitle() is not implemented for Linux.

Off of OpenBSD you get:

10071 ??  Is      0:06.41 /usr/sbin/sshd
30830 ??  Is      0:00.06 sshd: mouring [priv] (sshd)
31043 ??  I       1:12.01 sshd: mouring@ttyp0 (sshd)

the [priv] is running as root and the other is runnig as mouring. As a result the few things that require root privs are passed up the [priv] process to be handled.

• Ben

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek