15059 – Fix fetching problem on security/ssh2 port

Bug 15059 - Fix fetching problem on security/ssh2 port

Summary: Fix fetching problem on security/ssh2 port

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-ports (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	1999-11-23 05:50 UTC by issei
Modified:	1999-11-24 21:46 UTC (History)
CC List:	0 users

See Also:

Attachments
file.diff (456 bytes, patch) 1999-11-23 05:50 UTC, issei	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description issei 1999-11-23 05:50:02 UTC

	The patch file patch-ssh-2.0.13-bsd.tty.chown have been deleted
	from PATCH_SITES, so port is broken now.

	The problem that patch-ssh-2.0.13-bsd.tty.chown fixes is:

	1. non-privileged user can set file flags (by chflag(2)) on
	   terminal device he or she use, such as /dev/ttyp0

	2. If file flag is set on terminal device, chown (2) by ssh daemon
	   may fail. But ssh daemon does not check return value from chown.

	3. So, non-privilaged user can snoof data stream throw terminal
	   device.


	This problem is also pointed out on FreeBSD-SA-99:01 and is
	corrected after FreeBSD 3.3-RELEASE.  So, we does not need to use
	the patch-ssh-2.0.13-bsd.tty.chown anymore.

Comment 1 sada freebsd_committer

1999-11-24 21:45:49 UTC

State Changed
From-To: open->closed

Committed, thanks.