** Package changed: debian => openssh (Debian)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/293000
Title:
hardy: openssh-server oom_adj can lead to denial of service
To manage notifications about
Hi all,
I have recently came up against this problem myself, and have fixed /
submitted a patch to the openssh development team. Here is the original
report:
So I modified the code to try and repair this oom_adj problem...
port-linux.c:
line 235: //static int oom_adj_save = INT_MIN;
line 236: s
** Tags added: hardy
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://
** Tags added: lucid regression-release
** Tags removed: regression-potential
** Changed in: openssh (Ubuntu Hardy)
Status: New => Confirmed
** Changed in: openssh (Ubuntu Hardy)
Importance: Undecided => Medium
--
hardy: openssh-server oom_adj can lead to denial of service
https://bug
Is there going to be a back port to Hardy 8.04 LTS?
I have had a serious issue with a Virtual Server where the only access
is via SSHD. This resulted in an errant CPAN update downing the entire
box due to all services started via SSH being oom_adj == -17 and
therefore not being killed when out of
** Branch linked: lp:ubuntu/openssh
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubun
This bug was fixed in the package openssh - 1:5.3p1-3ubuntu2
---
openssh (1:5.3p1-3ubuntu2) lucid; urgency=low
* Always set child processes' OOM adjustment to 0, since Upstart will have
set sshd's OOM adjustment on startup and so simply restoring the startup
value won't work
** Branch linked: lp:~ubuntu-core-dev/ubuntu/lucid/openssh/lucid
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailin
Yes, I think you're probably right. I was considering a few possible
alternatives and this seems the least bad.
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which
Colin, thanks for the reply. Maybe I got a wrong impression ;-)
After seeing the issue show up again and again over the last two years,
my suggestion would be to change the oom_adj patch itself to set the
child oom_adj value always to zero, independent of the value that it was
called with.
I unde
I understood the oom_adj patch perfectly, having written it. Apparently
I misunderstood how Upstart's 'oom' stanza worked though ...
Thanks for the analysis; I'll look into this.
** Tags added: regression-potential
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.lau
OK, I've debugged a bit into the lucid upstart scripts:
First, I can confirm the regression.
The oom_adj patch is still in place, which is the good news. The bad
news is, that the problem is now caused by the upstart script
/etc/init/ssh.conf
Apparently the author didn't understand how the oom_a
I think the debian patch had been applied in releases after Hardy. But
the daemon only resets the oom_adj value that it was originally called
with. So in Jaunty a DHCP restart script which had the oob_adj value of
-17 itself caused the same effect. See bug report #390556.
I have not checked lucid
To confirm, sshd's child processes do indeed inherit the oom_adjust
setting.
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu
This bug either wasn't fixed or there has been a recent regression.
Ubuntu lucid
openssh-server 1:5.3p1-3ubuntu1
/etc/default/ssh: SSHD_OOM_ADJUST=-17
As well as causing kernel panics, a malicious user can use this
technique to kill off trusted root daemons and (if they use a port >=
1024) launc
Thank you for taking the time to report this bug and helping to make
Ubuntu better. However, I am closing it because the bug has been fixed
in the latest development version of Ubuntu - Lucid Lynx.
This is a significant bug in Ubuntu. If you need a fix for the bug in
previous versions of Ubuntu, p
** Changed in: openssh (Ubuntu)
Status: Incomplete => Triaged
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs ma
Thanks for taking the time to report this bug. Please check if this has
been solved on an up to date Ubuntu. If this is an issue on Hardy for
you,
Please note: I assume it will not be solved by an update of ssh as
packages on a released version are only patched (not updated) and this
only when a s
** Changed in: debian
Status: Unknown => Fix Released
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing li
** This bug has been flagged as a security issue
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bu
** Bug watch added: Debian Bug tracker #480020
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480020
** Also affects: debian via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480020
Importance: Unknown
Status: Unknown
--
hardy: openssh-server oom_adj can lead to denial of se
As work-around I would suggest setting SSHD_OOM_ADJUST to 0 in
/etc/default/ssh. This allows the killing of ssh and child processes by
the OOM killer again.
--
hardy: openssh-server oom_adj can lead to denial of service
https://bugs.launchpad.net/bugs/293000
You received this bug notification bec
22 matches
Mail list logo
