** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-control-center in Ubuntu.
https://bugs.launchpad.net/bugs/2039577
Title:
gnome-control-center incorrectly claims remote login is off
Status in gnome-control-center package in Ubuntu:
Fix Released
Bug description:
GNOME control center offers a way to disable or enable remote shell
(ssh) connections. This functionality is outsourced to
/usr/libexec/cc-remote-login-helper which starts and stops the systemd
service ssh.service using the code:
if (!cc_disable_service (SSHD_SERVICE, G_BUS_TYPE_SYSTEM, &error))
...
if (!cc_enable_service (SSHD_SERVICE, G_BUS_TYPE_SYSTEM,
&error))
The irony is that ssh.service is socket activated:
zyga@x240:~$ systemctl status ssh.service
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; preset:
enabled)
Drop-In: /etc/systemd/system/ssh.service.d
└─00-socket.conf
Active: active (running) since Tue 2023-10-17 16:40:04 CEST; 21s ago
TriggeredBy: ● ssh.socket
Docs: man:sshd(8)
man:sshd_config(5)
Process: 7055 ExecStartPre=/usr/sbin/sshd -t (code=exited,
status=0/SUCCESS)
Main PID: 7056 (sshd)
Tasks: 1 (limit: 9305)
Memory: 1.4M
CPU: 21ms
CGroup: /system.slice/ssh.service
└─7056 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"
paź 17 16:40:04 x240 systemd[1]: Starting ssh.service - OpenBSD Secure Shell
server...
paź 17 16:40:04 x240 sshd[7056]: Server listening on :: port 22.
paź 17 16:40:04 x240 systemd[1]: Started ssh.service - OpenBSD Secure Shell
server.
In effect, it will always activate again whenever someone attempts to connect.
This bug is a security vulnerability, as users may be prone to attacks
while thinking remote shell is disabled.
I would suggest to *mask* the service, so that it cannot be socket
activated.
ProblemType: Bug
DistroRelease: Ubuntu 23.10
Package: gnome-control-center 1:45.0-1ubuntu2
ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
Uname: Linux 6.5.0-9-generic x86_64
ApportVersion: 2.27.0-0ubuntu5
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Tue Oct 17 16:36:23 2023
InstallationDate: Installed on 2023-10-17 (0 days ago)
InstallationMedia: Ubuntu 23.10.1 "Mantic Minotaur" - Release amd64
(20231016.1)
ProcEnviron:
LANG=pl_PL.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=xterm-256color
XDG_RUNTIME_DIR=<set>
SourcePackage: gnome-control-center
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/2039577/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
