Diffusion FreeBSD src repository 719cb45e82be

openssh: simplify login class restrictions
719cb45e82be
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

openssh: simplify login class restrictions

Login class-based restrictions were introduced in 5b400a39b8ad. The
code was adapted for sshd's Capsicum sandbox and received many changes
over time, including at least fc3c19a9fcee, bd393de91cc3, and
e8c56fba2926.

During an attempt to upstream the work a much simpler approach was
suggested. Adopt it now in the in-tree OpenSSH to reduce conflicts with
future updates.

Submitted by: Yuchiro Naito (against OpenSSH-portable on GitHub)
Obtained from: https://github.com/openssh/openssh-portable/pull/262
Reviewed by: allanjude, kevans
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D31760

(cherry picked from commit 27ceebbc2402e4c98203c7eef9696f4bd3d326f8)

Details

Provenance

Authored on Aug 31 2021, 7:30 PM

Reviewer

Differential Revision

D31760: openssh: simplify login class restrictions

Parents

rGfbdf5e82a0af: apr: Merge r1889604, r1807975 from trunk:

Branches

Unknown

Tags

Unknown

Event Timeline

emaste committed rG719cb45e82be: openssh: simplify login class restrictions (authored by emaste).Sep 15 2021, 1:42 AM

emaste added an edge: D31760: openssh: simplify login class restrictions.Sep 15 2021, 2:03 AM

Changes (11)

Path

Size

crypto/

openssh/

ssh_namespace.h

sshbuf-getput-basic.c

rG719cb45e82be

crypto/openssh/auth.c

Loading...

crypto/openssh/auth2.c

Loading...

crypto/openssh/config.h

Loading...

crypto/openssh/configure.ac

Loading...

crypto/openssh/monitor.c

Loading...

crypto/openssh/monitor.h

Loading...

crypto/openssh/monitor_wrap.c

Loading...

crypto/openssh/monitor_wrap.h

Loading...

crypto/openssh/ssh_namespace.h

Loading...

crypto/openssh/sshbuf-getput-basic.c

Loading...

crypto/openssh/sshbuf.h

Loading...