[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssh sshd user vs. group ???

Bless you, for being so patient with me ;>

Colin Watson wrote:
> 
> On Wed, Jul 03, 2002 at 08:53:20AM -0500, Michael D. Schleif wrote:
> > Colin Watson wrote:
> > > "Its primary group" doesn't have to be called sshd. There's no
> > > particular reason to create a separate group.
> >
> > Other than the source documentation; and, of course, lack of
> > distribution documentation on this point . . .
> 
> Let's face it, the Debian releases of OpenSSH >= 3.3 have had to be done
> in something of a hurry. Documentation is a fine point compared to
> security.

Indeed, that is it!  In fact, one of the reasons that I've been so anal
about this fast paced ssh upgrade chase is that so much happened in so
little time that I have not been able to keep up with the reasons for
change.  That and the doubts that I have raised . . .

> > > The Debian package is configured slightly differently from that
> > > /var/empty recommendation in order to follow policy better. It uses
> > > /var/run/sshd instead. Other than that there's no difference from the
> > > documentation.
> >
> > In fact, why not make /var/run/sshd home directory for sshd user?
> 
> Current ssh releases create it that way. If you upgraded to one of the
> intermediate (and even more rushed) security releases then you'll have
> it as /home/sshd instead.

I just remove'd, then install'ed ssh on one box, removing sshd user, and
now:

# grep ssh /etc/passwd
sshd:x:103:65534::/var/run/sshd:/bin/false

[ snip ]

> > [a] debian *NOT* following the source documentation;
> 
> Debian frequently doesn't in terms of paths. We have our own standards
> in order to keep the system consistent.

yes

> > [b] *NO* /var/empty nor /home/sshd directories;
> 
> That is correct. /var/empty would be an FHS violation; /home/sshd as the
> home directory of the sshd user was just a transient mistake.

Interesting -- how so?

[ snip ]

> > [e] *NO* debian documentation demonstrating that these changes achieve
> > same goals as source distribution.
> 
> Well, I'll say now that changing sshd's chroot path is not a risk. In
> fact, it's superior, since it removes the risk that multiple daemons
> might decide that /var/empty is a good place to chroot into, which would
> breach security boundaries.

OK, but, how is /var/run/sshd any different than /var/empty, in this
regard?

[ snip ]

Again, thank you, for taking time to explain . . .

-- 

Best Regards,

mds
mds resource
888.250.3987

Dare to fix things before they break . . .

Our capacity for understanding is inversely proportional to how much we
think we know.  The more I know, the more I know I don't know . . .


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: