On Tue, Feb 21, 2012 at 15:53:34 +0100, martin f krafft wrote:
> > It seems reasonable to me to try to climb up the process tree until we
> > meet a process with "sshd" in the command line (or, maybe better (?),
> > with "sshd" in the proc/<pid>/exe symlink). Still not the cleanest of the
> > solutions, but should be quite portable.
>
> Last I checked, /proc is *not* portable.

Right, sorry: "quite" as in "at least for the architectures we'd like to fix, and AFAIK", which I agree is a sensibly different meaning.

The check I proposed seems to work fine at least on a recent Linux (2.6.3x), on kFreeBSD 8.2 (asdfasdf) and hurd (exodar). I haven't tested it with esoteric configurations.

Looking for the tty in the sshd command line did not prove very portable either, so until a really portable way is found we could add another "not-so-portable" check. molly-guard is not a very complex tool, so I'd not be afraid to pollute it with stuff that will be too complex to remove in the future.

molly-guard does not guarantee to be triggered each time you're connected via ssh (e.g. a screen or tmux started on a local console and reattached remotely will not contain SSH_* in the environment nor will the inside shell have a sshd-owned tty), IMHO if some more false negatives can be avoided, it could be worth adding a test.

Bye,
Ludovico
--
<l...@dovi.co> IRC: garden@freenode
OpenPGP: 1024D/63D2D5D907F89BB8
Jabber/gtalk: garde...@gmail.com
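
The ancestor walk discussed in this message, as an added example (not code from the thread or from molly-guard): it follows parent PIDs upward and checks each `exe` symlink for `sshd`. It assumes a Linux-style procfs layout (`<pid>/stat` and `<pid>/exe`); `PROC_ROOT`, `parent_pid` and `has_sshd_ancestor` are hypothetical names, and `PROC_ROOT` exists only so the walk can be pointed at a constructed tree.

```sh
#!/bin/sh
# Added example: detect an sshd ancestor by climbing the process tree.
# PROC_ROOT is a hypothetical override; on a real system it is /proc.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print the parent PID of $1, read from <PROC_ROOT>/<pid>/stat.
# The comm field "(name)" may itself contain spaces or ')', so cut
# everything through the LAST ") " before splitting on spaces.
parent_pid() {
    [ -r "$PROC_ROOT/$1/stat" ] || return 1
    stat_line=$(cat "$PROC_ROOT/$1/stat") || return 1
    rest=${stat_line##*") "}      # "<state> <ppid> ..."
    rest=${rest#* }               # drop the state field
    printf '%s\n' "${rest%% *}"   # first remaining field is the ppid
}

# Return 0 if PID $1 or any of its ancestors runs a binary named sshd.
has_sshd_ancestor() {
    pid=$1
    hops=0
    # Stop at init (PID 1), on a non-numeric PID, or after 64 hops so
    # malformed data can never make the loop spin forever.
    while [ -n "$pid" ] && [ "$pid" -gt 1 ] 2>/dev/null && [ "$hops" -lt 64 ]; do
        exe=$(readlink "$PROC_ROOT/$pid/exe" 2>/dev/null) || exe=
        # Linux appends " (deleted)" once the binary on disk is replaced,
        # e.g. after the ssh server package was upgraded mid-session.
        exe=${exe%" (deleted)"}
        [ "${exe##*/}" = sshd ] && return 0
        pid=$(parent_pid "$pid") || return 1
        hops=$((hops + 1))
    done
    return 1
}

# Stand-alone use: check the current shell.
if has_sshd_ancestor "$$"; then
    echo "sshd ancestor found"
else
    echo "no sshd ancestor found"
fi
```

Reading another user's `exe` symlink needs sufficient privileges, so an unreadable link is treated as "not sshd" and the walk continues upward.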