subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nico Kadel-Garcia <nka...@gmail.com>
Subject Re: ssh+svn vs. bash security bug?
Date Thu, 25 Sep 2014 10:04:57 GMT
On Thu, Sep 25, 2014 at 5:25 AM, Bert Huijben <bert@qqmail.nl> wrote:
>
>
>> -----Original Message-----
>> From: Stefan Sperling [mailto:stsp@elego.de]
>> Sent: donderdag 25 september 2014 10:09
>> To: Nico Kadel-Garcia
>> Cc: Les Mikesell; users
>> Subject: Re: ssh+svn vs. bash security bug?
>>
>> On Wed, Sep 24, 2014 at 07:30:57PM -0400, Nico Kadel-Garcia wrote:
>> > Setting up a chroot for Subversion for just this purpose gets...
>> > potentially adventuresome. The maintainers of OpenSSH have generically
>> > refused to support chroot changes, so it's a bit awkward to even set
>> > up. Various folks have published patches or integration kits to
>> > support genuine chroot cages: heck, even I used to publish patches for
>> > OpenSSH to provide them.
>>
>> I have to admit that while I did successfully chroot svnserve with
>> svn:// once, I've never tried to chroot svn+ssh://
>>
>> But I'd be surprised if OpenSSH was making this difficult.
>> The ChrootDirectory configuration option of OpenSSH won't do?
>> If so, why not?
>>
>> Upgrading bash is a better solution to this particular problem,
>> of course, but using a chroot containing the minimum components
>> could still be a good idea in general.
>
> Also switching these users to a shell with far less features than bash might
> be an even better solution.
>
> If the users are only allowed to use 'svnserve' they don't need all the
> features of a shell...

Unfortunately for this security issue, bash is the default for many
systems. Even "/bin/sh" is often a symlink to "/bin/bash" these days.
, And changing the shell of the user that accepts the incoming SSH
connections is... interestingly prone to problems if done in a dead
rush.

Mime
View raw message