Bug 1976

Summary: sshd leaks stderr fd when run as 'sshd -D'
Product: Portable OpenSSH Reporter: James Hunt <james.hunt>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: normal CC: dtucker
Priority: P2    
Version: 5.9p1   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 2076    
Attachments:
Description Flags
close-stderr-inet.diff none

Description James Hunt 2012-02-07 03:31:22 AEDT 
When run as 'sshd -D', the server calls server_accept_inetd(). This function sets stdin and stdout to /dev/null, but crucially does _not_ set stderr.

As such, this fd is leaked from a privileged process (either the parent sshd or the priv-separation process for the user (for example "sshd: james [priv]")) to a non-priv process (for example "sshd: james@pts/0").

I suspect the rationale for leaving stderr as-is is to allow for debug-mode (where the user specifies '-d') such that debug information is written to stderr. However, if sshd is run exactly as 'sshd -D', no '-d' has been specified, so the user does not want debug output. Thus, even though the process does not daemonize, it should still dup stderr to /dev/null.
Comment 1 Damien Miller 2012-02-24 11:15:19 AEDT 
Created attachment 2131 [details]
close-stderr-inet.diff

Close stderr except when -e specified
Comment 2 Darren Tucker 2013-06-05 12:28:10 AEST 
patch applied and will be in 6.3.  thanks.
Comment 3 Damien Miller 2015-08-11 23:02:59 AEST 
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1