OpenBSD Errata: September 27, 2021 (sshd)

submited 27 September 2021

An errata patch for sshd(8) has been released for OpenBSD 6.8 and OpenBSD 6.9. sshd(8) from OpenSSH 6.2 (OpenBSD 5.3) through 8.7 (OpenBSD 6.9) failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive has been set to run the command as a different user. Instead these commands would inherit the groups that sshd(8) was started with. Depending on system configuration, inherited groups may allow AuthorizedKeysCommand/AuthorizedPrincipalsCommand helper programs to gain unintended privilege. Neither AuthorizedKeysCommand nor AuthorizedPrincipalsCommand are enabled by default in sshd_config(5). Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility.

The BSD community linklog
Made a script? Written a blog post? Found a useful tutorial? Share it with the BSD community here or just enjoy what everyone else has found!

Submit

26 October 2021
Valuable News – 2021/10/25  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems.

Running the Searx metasearch engine on OpenBSD  

Searx is a free metasearch engine. This means that it will aggregate search results from several search engines, like Bing, DuckDuckGo, Google or Qwant. But it will also interface with services like DailyMotion, DeviantArt, FramaLibre, GitHub, Reddit or Wikipedia to extract search results. For more information, have a look at the searx online documentation . It also removes Cookies and generate a random profile for each request you do. This is a step forward to privacy.

23 October 2021
OpenBSD on the HiFive Unmatched  

A post reviewing OpenBSD 7.0 riscv64 on the HiFive Unmatched as a desktop.

FreeBSD Foundation October 2021 Fundraising Update  

As of this writing, they’ve raised $180,000 towards $1,250,000 goal for 2021.

Valuable News – 2021/10/19  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems.

Enjoying DiscoverBSD? There is more...

Subscribe to BSD Weekly, our free, once–weekly e-mail round-up of BSD news and articles. It is currated from your content on DiscoverBSD and BSDSec (a deadsimple BSD Security Advisories and Announcements).

You can also support the work on Patreon.
21 October 2021
An LDC bootstrap compiler and LDC package for OpenBSD  

How building an LDC bootstrap works (at least on OpenBSD)

load more