Bug#650982: openssh-server: sftp server should not seek just after opening a file

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#650982: openssh-server: sftp server should not seek just after opening a file
From: Corin Langosch <corinl@gmx.de>
Date: Sun, 04 Dec 2011 20:49:41 +0100
Message-id: <[🔎] 20111204194941.1986.57250.reportbug@debian1.lunarix.de>
Reply-to: Corin Langosch <corinl@gmx.de>, 650982@bugs.debian.org

Package: openssh-server
Version: 1:5.5p1-6+squeeze1
Severity: important

It seems that the sftp server does a seek just after opening a file. This results in a seek error when trying to access files which are not seekable (like /proc entries). 

A suggested fix: if llseek fails (for SET, 0), just close/reopen the file instead. Or if there was an open right before, just ignore the failing seek.

-- System Information:
Debian Release: 6.0.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.36.4-vs2.3.0.36.39-beng (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssh-server depends on:
ii  adduser             3.112+nmu2           add and remove users and groups
ii  debconf [debconf-2. 1.5.36.1             Debian configuration management sy
ii  dpkg                1.15.8.11            Debian package management system
ii  libc6               2.11.2-10            Embedded GNU C Library: Shared lib
ii  libcomerr2          1.41.12-4stable1     common error description library
ii  libgssapi-krb5-2    1.8.3+dfsg-4squeeze2 MIT Kerberos runtime libraries - k
ii  libkrb5-3           1.8.3+dfsg-4squeeze2 MIT Kerberos runtime libraries
ii  libpam-modules      1.1.1-6.1+squeeze1   Pluggable Authentication Modules f
ii  libpam-runtime      1.1.1-6.1+squeeze1   Runtime support for the PAM librar
ii  libpam0g            1.1.1-6.1+squeeze1   Pluggable Authentication Modules l
ii  libselinux1         2.0.96-1             SELinux runtime shared libraries
ii  libssl0.9.8         0.9.8o-4squeeze4     SSL shared libraries
ii  libwrap0            7.6.q-19             Wietse Venema's TCP wrappers libra
ii  lsb-base            3.2-23.2squeeze1     Linux Standard Base 3.2 init scrip
ii  openssh-blacklist   0.4.1                list of default blacklisted OpenSS
ii  openssh-client      1:5.5p1-6+squeeze1   secure shell (SSH) client, for sec
ii  procps              1:3.2.8-9            /proc file system utilities
ii  zlib1g              1:1.2.3.4.dfsg-3     compression library - runtime

Versions of packages openssh-server recommends:
ii  openssh-blacklist-extra       0.4.1      list of non-default blacklisted Op
ii  xauth                         1:1.0.4-1  X authentication utility

Versions of packages openssh-server suggests:
pn  molly-guard                   <none>     (no description available)
pn  rssh                          <none>     (no description available)
pn  ssh-askpass                   <none>     (no description available)
pn  ufw                           <none>     (no description available)

-- debconf information excluded

Reply to:

Prev by Date: Bug#607267: /usr/bin/scp: fails to notice close() errors
Next by Date: Bug#628690: sshd children inherit OOM adj from context sshd is started from
Previous by thread: Processed: Re: Bug#607267: /usr/bin/scp: fails to notice close() errors
Next by thread: Bug#628690: sshd children inherit OOM adj from context sshd is started from
Index(es):
- Date
- Thread