Forwarding this bug to debian-security as I feel it is related to our recent SSH issues... Bug number is 151297 Phil ----- Forwarded message from Phillip <plhofmei@zionlth.org> ----- Envelope-to: plhofmei@zionlth.org Delivery-date: Fri, 28 Jun 2002 14:21:34 -0400 From: Phillip <plhofmei@zionlth.org> To: Debian Bug Tracking System <submit@bugs.debian.org> Subject: SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions X-Reportbug-Version: 0.54.1 X-Mailer: reportbug 0.54.1 Date: Fri, 28 Jun 2002 14:21:02 -0400 Package: ssh Version: 1:3.4p1-0.0potato1 Severity: important 6616 open("/var/log/lastlog", O_RDWR) = -1 EACCES (Permission denied) plhofmei 6616 0.5 5.9 5724 1836 ? S 14:02 0:00 \_ /usr/sbin/sshd -rwxrwx--- 1 root utmp 296672 Jun 28 14:02 /var/log/lastlog As seen above, (strace watch) PID (here 6616) owned by a normal user attempts to open a log file for read/write when such access is not available. Since the user cannot open this file information about when and where they last logged in from is not available. The obvious fix for this (making the file world readable and writable) would introduce a security problem. -- System Information Debian Release: 2.2 Architecture: i386 Kernel: Linux Oneil 2.2.19 #1 Wed Jun 26 15:25:01 EDT 2002 i586 Versions of packages ssh depends on: ii adduser 3.11.1 Add users and groups to the system ii debconf 0.2.80.17 Debian configuration management sy ii libc6 2.1.3-20 GNU C Library: Shared libraries an ii libpam-modules 0.72-9 Pluggable Authentication Modules f ii libpam0g 0.72-9 Pluggable Authentication Modules l ii libssl0.9.6 0.9.6c-0.potato.1 SSL shared libraries ii libwrap0 7.6-4 Wietse Venema's TCP wrappers libra ii zlib1g [libz1] 1:1.1.3-5.1 compression library - runtime -- Configuration Files: /etc/pam.d/ssh [Errno 13] Permission denied: '/etc/pam.d/ssh' /etc/ssh/moduli [Errno 13] Permission denied: '/etc/ssh/moduli' /etc/ssh/ssh_config [Errno 13] Permission denied: '/etc/ssh/ssh_config' ----- End forwarded message -----
Attachment:
pgpNke8AYfFDj.pgp
Description: PGP signature