Package: openssh-server Version: 1:6.7p1-3 Severity: important Tags: security As far as I can tell, unix domain socket forwarding is enabled by default and there is no way to disable it from authorized_keys files. This means that it might be possible for ssh triggers[1] to do unix domain socket forwarding, even though they are meant to be restricted to very limited things. SSH triggers are often restricted to a specific command, no-agent-forwarding, no-port-forwarding, no-X11-forwarding, no-pty and I think no-streamlocal-forwarding should be added to that set. Personally I think this needs to be fixed before the jessie release, please upgrade the severity to serious if you agree. The code indicates[2] that this still needs to be completed. 1. http://blog.ganneff.de/blog/2007/12/29/ssh-triggers.html 2. https://sources.debian.net/src/openssh/1:6.7p1-3/auth-options.c/?hl=127#L342 -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part