Sunday, September 26, 2021

OpenBSD Errata: September 27, 2021 (sshd)

An errata patch for sshd(8) has been released for OpenBSD 6.8 and
OpenBSD 6.9.

sshd(8) from OpenSSH 6.2 (OpenBSD 5.3) through 8.7 (OpenBSD 6.9) failed to
correctly initialise supplemental groups when executing an
AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where an
AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive has
been set to run the command as a different user. Instead, these commands
would inherit the groups that sshd(8) was started with.

Depending on system configuration, inherited groups may allow
AuthorizedKeysCommand/AuthorizedPrincipalsCommand helper programs to gain
unintended privilege.

Neither AuthorizedKeysCommand nor AuthorizedPrincipalsCommand is enabled
by default in sshd_config(5).
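To check whether a given sshd_config(5) meets the condition described above, the following added example (not part of the original advisory or of OpenSSH) lists every context in which one of the two commands is enabled and set to run as a user other than the one sshd(8) runs as. The function names, the sample paths and account names, and the `sshd_user="root"` default are assumptions; Include files are not followed.

```python
import re

# Command directive -> directive naming the user the command runs as.
PAIRS = {c: c + "user"
         for c in ("authorizedkeyscommand", "authorizedprincipalscommand")}

def parse_contexts(config_text):
    """Return [(context, {keyword: value})]; the first value per keyword wins."""
    contexts = [("global", {})]
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keywords are case-insensitive; whitespace or one '=' precedes the value.
        key, value = (re.split(r"\s*=\s*|\s+", line, maxsplit=1) + [""])[:2]
        if key.lower() == "match":
            contexts.append(("Match " + value, {}))
        else:
            contexts[-1][1].setdefault(key.lower(), value)
    return contexts

def affected_settings(config_text, sshd_user="root"):
    """List (context, directive, command, run_as) meeting the advisory's condition."""
    contexts = parse_contexts(config_text)
    findings = []
    for name, opts in contexts:
        effective = {**contexts[0][1], **opts}  # Match blocks override global
        for cmd_key, user_key in PAIRS.items():
            if name != "global" and not {cmd_key, user_key} & set(opts):
                continue  # pair untouched in this block; judged globally
            command, run_as = effective.get(cmd_key, "none"), effective.get(user_key)
            # Assumption: sshd_user is the account sshd(8) itself was started as.
            if command.lower() != "none" and run_as not in (None, sshd_user):
                findings.append((name, cmd_key, command, run_as))
    return findings

# Constructed sample configuration, not taken from a real host.
SAMPLE_CONFIG = """\
AuthorizedKeysCommand /usr/local/libexec/fetch-keys %u
authorizedkeyscommanduser=_keyfetch
Match Group contractors
    AuthorizedPrincipalsCommand /usr/local/libexec/principals %u
    AuthorizedPrincipalsCommandUser _principals
Match User backup
    AuthorizedKeysCommand none
"""

if __name__ == "__main__":
    print(*affected_settings(SAMPLE_CONFIG), sep="\n")
```

Any finding on an unpatched host means the helper ran with the groups sshd(8) was started with rather than those of the listed account, so the helper's file and group access is worth reviewing alongside applying the patch.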

Binary updates for the amd64, i386 and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata page:

https://www.openbsd.org/errata68.html
https://www.openbsd.org/errata69.html
