Bug 147797 - Create policy for /usr/libexec/openssh/ssh-keysign
Create policy for /usr/libexec/openssh/ssh-keysign
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2005-02-11 09:21 EST by Tomas Mraz
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version: 1.23.5-2
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-09-04 19:34:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tomas Mraz 2005-02-11 09:21:31 EST
Description of problem:
The ssh-keysign binary is setuid because it needs to read the system's sshd
private keys /etc/ssh/ssh_host_[dr]sa_key. It opens them and immediately drops
to the original uid. It reads /etc/ssh/ssh_config for options. Then it reads the
data which should be signed from STDIN and gets addres/name of a socket it
inherited. Then it verifies that the data passed to it are correct and signs
them  (using /dev/random through OpenSSL). The result is written to stdout.

To protect against revealing the ssh keys the selinux policy should be created.
It was suggested to me by Jakub.
Comment 1 Daniel Walsh 2005-03-24 18:43:45 EST
Added policy to handle this in selinux-policy-strict-1.23.5-2
Not really sure how to test it though.

Note You need to log in before you can comment on or make changes to this bug.