Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: SSH LocalForward
From: sevo () inm de (Sevo Stille)
Date: Sun, 3 Aug 1997 13:49:11 +0200


- the
more reasonable method is to move the check into add_local_forward():

 --- readconf.c  Sun Aug  3 00:55:40 1997
+++ readconf.c.orig     Sun Aug  3 00:57:21 1997

Arrgh. As Jon Lewis correctly pointed out, the patch is reversed and could
do with some cleanup.

--- readconf.c.orig     Sun Aug  3 00:57:21 1997
+++ readconf.c  Sun Aug  3 13:20:08 1997
@@ -204,6 +204,10 @@
   Forward *fwd;
   if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
     fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
+  if (port < 1024 && original_real_uid != UID_ROOT)
+  {
+     fatal("Privileged ports can only be forwarded by root.\n");
+  }
   fwd = &options->local_forwards[options->num_local_forwards++];
   fwd->port = port;
   fwd->host = xstrdup(host);


Sevo



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault