https://bugzilla.mindrot.org/show_bug.cgi?id=2468
--- Comment #10 from Damien Miller <[email protected]> --- I took a quick look at this patch and it seem ok wrt the configuration parsing side. However, it doesn't do the right thing wrt sshd's self-reexecution. When sshd accepts a connection, instead of just fork(2)ing a subprocess to handle, it forks and re-executes sshd to ensure each child process gets a different memory layout, re-randomised stack cookies, etc. Part of the re-execution shuffle is passing the entire sshd_config from the listener sshd process to the re-executed one. This ensures that the configuration used is the one that sshd was originally started with, not the one that happens to be in the filesystem at the time the connection was received. This patch doesn't do that. I think maybe if you extended include_list to record the full text of each included file and then marshaled/demarsheled that in sshd.c:send_rexec_state()/recv_rexec_state() then you'd be close to good. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
