Bug 708 - Remote forward: Connect from privileged port if originator connected from privileged port
Summary: Remote forward: Connect from privileged port if originator connected from pri...
Status: CLOSED WONTFIX
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: -current
Hardware: All All
: P4 enhancement
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-09-24 02:14 AEST by Robert Dahlem
Modified: 2016-08-02 10:42 AEST (History)
2 users (show)

See Also:

Attachments
proposed patch (11.03 KB, patch)
2003-09-24 02:17 AEST, Robert Dahlem 		no flags Details | Diff
proposed patch for 3.9p1 (9.58 KB, patch)
2004-08-26 00:08 AEST, Robert Dahlem 		no flags Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Dahlem 2003-09-24 02:14:28 AEST 
Got a daemon which checks if connections are originated from a privileged port
(below 1024) to make sure originator has UID==0. Need a way to emulate this when
forwarding ports through secure tunnels.

Implemented ssh option -Q as extension to option -R. With -Q ssh tries to
connect from a port below IPPORT_RESERVED if originator port was below
IPPORT_RESERVED.
Comment 1 Robert Dahlem 2003-09-24 02:17:19 AEST 
Created attachment 460 [details]
proposed patch
Comment 2 Robert Dahlem 2004-08-26 00:08:36 AEST 
Created attachment 704 [details]
proposed patch for 3.9p1
Comment 3 Damien Miller 2015-11-13 14:37:51 AEDT 
Given our privilege separation system, this is much more trouble to implement that it is IMO worth.
Comment 4 Damien Miller 2016-08-02 10:42:41 AEST 
Close all resolved bugs after 7.3p1 release