Hi Spencer, As of January 28 of last year I announced that rssh is no longer maintained. As Russ says, it's just not able to do its job effectively for a host of reasons. I guess I neglected to update the web site... I should do that soon.
-- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D On Sat, Jan 16, 2021 at 09:50:50PM -0800, Spenser Truex wrote: > From website > http://pizzashack.org/rssh/security.shtml > --- > SECURITY | 16 ++++++++++++++-- > 1 file changed, 14 insertions(+), 2 deletions(-) > > diff --git a/SECURITY b/SECURITY > index 98c1e43..aede2e8 100644 > --- a/SECURITY > +++ b/SECURITY > @@ -8,0 +9,13 @@ have affected rssh since I started developing it. > +Nov 27, 2012 > +A couple of issues have been discovered with command line parsing and > validation, which allow rssh to be bypassed. > + > + CVE-2012-3478: Improper filtering of environment variables > + CVE-2012-2252: Improper filtering of rsync command line > + > +August 1, 2010 > +Almost 5 years without a legitimate security issue reported. > + > +John Barber reported a problem where, if the system administrator > misconfigures rssh by providing two few access bits in the configuration > file, the user will be given default permissions (scp) to the entire system, > potentially circumventing any configured chroot. Fixing this required a > behavior change: In the past, using rssh without a config file would give all > users default access to use scp on an unchrooted system. In order to correct > the reported bug, this feature has been eliminated, and you must now have a > valid configuration file. If no config file exists, all users will be locked > out. > + > +Maarten van der Schrieck noticed a bug where, under conditions which are too > far-fetched to describe, the rssh_chroot_helper could crash due to calling > fgets with a null pointer. This can not occur with a normal, proper > installation of rssh. The code path that causes this can only be reached if > the system administrator deliberately installs rssh improperly, and the hoops > through which one must jump to get it to occur are substantial, so the > security impact here is basically nil. But it is a legitimate bug, so I fixed > it nonetheless. > + > @@ -115 +128 @@ The 2.2.0 release of rssh fixed the problem in question, but > was > -mistakenly released missing some code for parsing per-user options. > +mistakenly released missing some code for parsing per-user options. > @@ -198 +210,0 @@ with chroot jails. > - > -- > 2.30.0 > > -- > 7E7B 2078 A241 3205 F469 3B21 0AD4 8D58 F9FB DDC6 > Spenser Truex https://equwal.com > _______________________________________________ > rssh-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/rssh-discuss
signature.asc
Description: PGP signature
_______________________________________________ rssh-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rssh-discuss
