1976 – sshd leaks stderr fd when run as 'sshd -D'

Bug 1976 - sshd leaks stderr fd when run as 'sshd -D'

Summary: sshd leaks stderr fd when run as 'sshd -D'

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	5.9p1
Hardware:	All All

Importance:	P2 normal
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:	V_6_3
	Show dependency tree / graph

Reported:	2012-02-07 03:31 AEDT by James Hunt
Modified:	2015-08-11 23:02 AEST (History)
CC List:	1 user (show)

See Also:

Attachments
close-stderr-inet.diff (647 bytes, patch) 2012-02-24 11:15 AEDT, Damien Miller	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description James Hunt 2012-02-07 03:31:22 AEDT

When run as 'sshd -D', the server calls server_accept_inetd(). This function sets stdin and stdout to /dev/null, but crucially does _not_ set stderr.

As such, this fd is leaked from a privileged process (either the parent sshd or the priv-separation process for the user (for example "sshd: james [priv]")) to a non-priv process (for example "sshd: james@pts/0").

I suspect the rationale for leaving stderr as-is is to allow for debug-mode (where the user specifies '-d') such that debug information is written to stderr. However, if sshd is run exactly as 'sshd -D', no '-d' has been specified, so the user does not want debug output. Thus, even though the process does not daemonize, it should still dup stderr to /dev/null.

Comment 1 Damien Miller 2012-02-24 11:15:19 AEDT

Created attachment 2131 [details]
close-stderr-inet.diff

Close stderr except when -e specified

Comment 2 Darren Tucker 2013-06-05 12:28:10 AEST

patch applied and will be in 6.3.  thanks.

Comment 3 Damien Miller 2015-08-11 23:02:59 AEST

Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1