[scponly] Relative listing outside scponlyc chroot jail allowed?
Jan Mazáč
jan at hifi-web.com
Sun Sep 23 16:22:35 EDT 2007
Hello Kaleb,
Here goes the tracing info. Since once again Linux and OSX are bit
different I couldn't use your FAQ instructions per se. There is no
"strace" command on my system so I guessed and used ktrace instead. I
ran it on PID of the root owned sshd process that was started when I
connected from client via sftp.
Output looks different then one in the FAQ though so I'm not really
sure that it is what you wanted:
470 sshd RET read 4
470 sshd CALL read(0x7,0x1808600,0xe)
470 sshd GIO fd 7 read 14 bytes
"
\0\0\0 SomePass"
470 sshd RET read 14/0xe
470 sshd CALL open(0x66fef,0,0)
470 sshd NAMI "/etc/nologin"
470 sshd RET open -1 errno 2 No such file or directory
470 sshd CALL open(0xbfffe6e0,0,0)
470 sshd NAMI "/System/Library/CoreServices/CharacterSets/
CFUnicodeData-L.mapping"
470 sshd RET open 6
470 sshd CALL fstat(0x6,0xbfffeae0)
470 sshd RET fstat 0
470 sshd CALL mmap(0,0x13da4,0x1,0x2,0x6,0)
470 sshd RET mmap 512000/0x7d000
470 sshd CALL close(0x6)
470 sshd RET close 0
470 sshd CALL open(0xbfffe6d0,0,0)
470 sshd NAMI "/System/Library/CoreServices/CharacterSets/
CFCharacterSetBitmaps.bitmap"
470 sshd RET open 6
470 sshd CALL fstat(0x6,0xbfffead0)
470 sshd RET fstat 0
470 sshd CALL mmap(0,0x560c6,0x1,0x2,0x6,0)
470 sshd RET mmap 593920/0x91000
470 sshd CALL close(0x6)
470 sshd RET close 0
470 sshd CALL stat(0x6afde,0xbffff654)
470 sshd NAMI "/usr/bin/mnthome"
470 sshd RET stat 0
470 sshd CALL open(0xa0000334,0x2,0)
470 sshd NAMI "/dev/ptyp0"
470 sshd RET open -1 errno 5 Input/output error
470 sshd CALL open(0xa0000334,0x2,0)
470 sshd NAMI "/dev/ptyp1"
470 sshd RET open -1 errno 5 Input/output error
470 sshd CALL open(0xa0000334,0x2,0)
470 sshd NAMI "/dev/ptyp2"
470 sshd RET open -1 errno 5 Input/output error
470 sshd CALL open(0xa0000334,0x2,0)
470 sshd NAMI "/dev/ptyp3"
470 sshd RET open -1 errno 5 Input/output error
470 sshd CALL open(0xa0000334,0x2,0)
470 sshd NAMI "/dev/ptyp4"
470 sshd RET open 6
470 sshd CALL fstat(0x6,0xbffff544)
470 sshd RET fstat 0
470 sshd CALL stat(0x9015ea3c,0xbffff4e4)
470 sshd NAMI "/dev/ptyp0"
470 sshd RET stat 0
470 sshd CALL geteuid
470 sshd RET geteuid 0
470 sshd CALL getuid
470 sshd RET getuid 0
470 sshd CALL chown(0xa00005a0,0,0x4)
470 sshd NAMI "/dev/ttyp4"
470 sshd NAMI "._ttyp4"
470 sshd RET chown 0
470 sshd CALL chmod(0xa00005a0,0x190)
470 sshd NAMI "/dev/ttyp4"
470 sshd NAMI "._ttyp4"
470 sshd RET chmod 0
470 sshd CALL revoke(0xa0000334)
470 sshd NAMI "/dev/ttyp4"
470 sshd RET revoke 0
470 sshd CALL open(0xa0000334,0x2,0)
470 sshd NAMI "/dev/ttyp4"
470 sshd RET open 8
470 sshd CALL fork
470 sshd RET fork 474/0x1da
470 sshd CALL close(0x8)
470 sshd RET close 0
470 sshd CALL read(0x6,0xbffff6d6,0x9)
470 sshd GIO fd 6 read 9 bytes
"Error: Th"
470 sshd RET read 9
470 sshd CALL ioctl(0x6,TIOCFLUSH,0xbffff5fc)
470 sshd RET ioctl 0
470 sshd CALL close(0x6)
470 sshd RET close 0
470 sshd CALL wait4(0x1da,0,0,0)
470 sshd RET wait4 474/0x1da
470 sshd CALL write(0x7,0xbffff7fb,0x5)
470 sshd GIO fd 7 wrote 5 bytes
"\0\0\0\^E\v"
470 sshd RET write 5
470 sshd CALL write(0x7,0x1808600,0x4)
470 sshd GIO fd 7 wrote 4 bytes
"\0\0\0\^A"
470 sshd RET write 4
470 sshd CALL read(0x7,0xbffff85c,0x4)
470 sshd GIO fd 7 read 4 bytes
"\0\0\0\^A"
470 sshd RET read 4
470 sshd CALL read(0x7,0x1808600,0x1)
470 sshd GIO fd 7 read 1 byte
"0"
470 sshd RET read 1
470 sshd CALL write(0x7,0xbffff85b,0x5)
470 sshd GIO fd 7 wrote 5 bytes
"\0\0\0 1"
470 sshd RET write 5
470 sshd CALL write(0x7,0x1808600,0x8)
470 sshd GIO fd 7 wrote 8 bytes
"\0\0\0\^A\0\0\0\0"
470 sshd RET write 8
470 sshd CALL access(0x90162ef8,0x4)
470 sshd NAMI "/etc/localtime"
470 sshd RET access 0
470 sshd CALL open(0x90162ef8,0,0)
470 sshd NAMI "/etc/localtime"
470 sshd RET open 6
470 sshd CALL fstat(0x6,0xbfffc2b8)
470 sshd RET fstat 0
470 sshd CALL read(0x6,0xbfffc2b8,0x1f08)
470 sshd GIO fd 6 read 806 bytes
"TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\^F\0\0\0\^F\0\0\0
\0\0\0\0\
\M^M\0\0\0\^F\0\0\0 \M^[\f\^W`\M^[\M-U\M-Z\M-p\M^\\M-Y\M-.\M^P\M^]\
\M-$\M-5\M^P\M^^\M-9\M^P\M^P\M^_\M^D\M^W\M^P\M-H q\M^P\M-L\M-gK\
\^P\M-M\M-)\^W\M^P\M-N\M-"C\^P\M-O\M^R4\^P\M-Pn^\M^P\M-Qy\M^?\^P\M-R\
\M-!O\^P\M-S\M^@\^\\M^P\M-TI\M-R\^P\M-UL8\^P\M-V)\M-4\^P\M-W,\^Z\^P\
\M-X \M^V\^P\M-Y\^Ap\^P\M-Y\M-ix\^P\^P\M-mdp\^Qd'\M^P\^RT\^X\M^P\^S\
MD\^P\^T3\M-z\M^P\^U#\M-k\M^P\^V\^S\M-\\M^P\^W\^C\M-M\M^P\^W\M-s\M->\
\M^P\^X\M-c\M-/\M^P\^Y\M-S\240\M^P\^Z\M-C\M^Q\M^P\^[\M-<\M-=\^P\^\\M-,\
\M-.\^P\^]\M^\\M^_\^P\^^\M^L\M^P\^P\^_|\M^A\^P lr\^P!\\c\^P"LT\^P#<E\
\^P$,6\^P%\^\'\^P&\f\^X\^P'\^EC\M^P'\M-u4\M^P(\M-e%\M^P)\M-U\^V\M^P*\
\M-E\a\M^P+\M-4\M-x\M^P,\M-$\M-i\M^P-\M^T\M-Z\M^P.\M^D\M-K\M^P/t\M-<\
\M^P0d\M--\M^P1]\M-Y\^P2r\M-4\^P3=\M-;\^P4R\M^V\^P5\^]\M^]\^P62x\^P6\
\M-}\^?\^P8\^[\M^T\M^P8\M-]a\^P9\M-{v\M^P:\M-=C\^P;\M-[X\M^P<\M-&_\M^P\
=\M-;:\M^P>\M^FA\M^P?\M^[\^\\M^P at f#\M^PA\M^D9\^PBF\^E\M^PCd\^[\^PD%\
\M-g\M^PEC\M-}\^PF\^E\M-I\M^PG#\M-_\^PG\M-n\M-f\^PI\^C\M-A\^PI\M-N\M-H\
\^PJ\M-c\M-#\^PK\M-.\M-*\^PL\M-L\M-?\M^PM\M^N\M^L\^PN\M-,\M-!\M^POnn\
\^PP\M^L\M^C\M^PQW\M^J\M^PRle\M^PS7l\M^PTLG\M^PU\^WN\M^PV,)\M^PV\M-w0\
\M^PX\^UF\^PX\M-W\^R\M^PY\M-u(\^PZ\M-6\M-t\M^P[\M-U
\^P\\\240\^Q\^P]\M-4\M-l\^P^\^?\M-s\^P_\M^T\M-N\^P`_\M-U\^Pa}\M-j\M^Pb\
?\M-7\^Pc]\M-L\M^Pd\^_\M^Y\^Pe=\M-.\M^Pf\b\M-5\M^Pg\^]\M^P\M^Pg\M-h\
\M^W\M^Ph\M-}r\M^Pi\M-Hy\M^Pj\M-]T\M^Pk\M-([\M^Pl\M-Fq\^Pm\M^H=\M^Pn\
\M-&S\^Poh\^_\M^Pp\M^F5\^PqQ<\^Prf\^W\^Ps1\^^\^PtE\M-y\^Pu\^Q\0\^Pv/\
\^U\M^Pv\M-p\M-b\^Px\^N\M-w\M^Px\M-P\M-D\^Py\M-n\M-Y\M^Pz\M-0\M-&\^P{\
\M-N\M-;\M^P|\M^Y\M-B\M^P}\M-.\M^]\M^P~y\M-$\M^P\^?\M^N\^?\M^P\0\^A\^B\
\^C\^B\^C\^B\^C\^B\^C\^B\^C\^B\^C\^B\^C\^B\^C\^B\^C\^B\^C\^A\^D\^E\^D\
\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\
\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\
\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\
\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\
\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\^D\^E\
\0\0\^\ \^A\0\0\0\^N\^P\0\^E\0\0\^\ \^A\0\0\0\^N\^P\0\^E\0\0\^\ \^A\0\
\0\0\^N\^P\0\^ECEST\0CET\0\0\0\^A\^A\^A\^A\0\0\0\0\^A\^A"
470 sshd RET read 806/0x326
470 sshd CALL close(0x6)
470 sshd RET close 0
470 sshd CALL socket(0x1,0x2,0)
470 sshd RET socket 6
470 sshd CALL fcntl(0x6,0x2,0x1)
470 sshd RET fcntl 0
470 sshd CALL connect(0x6,0xa000b980,0x6a)
470 sshd NAMI "/var/run/syslog"
470 sshd RET connect 0
470 sshd CALL sendto(0x6,0xbfffe318,0x64,0,0,0)
470 sshd GIO fd 6 wrote 100 bytes
"<86>Sep 23 18:30:01 sshd[470]: Accepted password for
SomeUser from 2\
13.220.221.246 port 42197 ssh2"
470 sshd RET sendto 100/0x64
470 sshd CALL close(0x6)
470 sshd RET close 0
470 sshd CALL read(0x7,0xbffff7cc,0x4)
470 sshd GIO fd 7 read 4 bytes
"\0\0\^EX"
470 sshd RET read 4
470 sshd CALL read(0x7,0x1808600,0x558)
470 sshd GIO fd 7 read 1368 bytes
"\^X\0\0\0 mGx\M^_\M^H\M-vW\M-| >\M-_u\^T\r&QV\M-S\M-z\M-/\^D
\M-)\0\M^Z\
"\M^D\M-A\r$ \M-d\M-m\0\0\0\^P\0\0\0\^A\0\0\0\^C\0\0\^CQ\v\\iC+V~\M^K\
\M-E\^V\M-nEB1\^Q\M-(\0\0\0\M-wgss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,g\
ss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8M\
qkay+al2g==,diffie-hellman-group-exchange-sha256,diffie-hellman-group-\
exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\0\
\0\0\^Ossh-rsa,ssh-dss\0\0\0\M^]aes128-cbc,3des-cbc,blowfish-cbc,cast1\
28-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cb\
c at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr\0\0\0\M^]aes128-cbc,\
3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192\
-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes2\
56-ctr\0\0\0Uhmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.\
com,hmac-sha1-96,hmac-md5-96\0\0\0Uhmac-md5,hmac-sha1,hmac-ripemd160,h\
mac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96\0\0\0\^Unone,zlib at o\
penssh.com\0\0\0\^Unone,zlib at openssh.com\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
\0\0\0\0\0\0\0\0\0\^SSSH-2.0-OpenSSH_4.5\0\0\0\^SSSH-2.0-OpenSSH_4.5\0\
\0\0v\0\0\0
aes128-cbc0\M-:\^D\0\0\0\0\0\0\0\0\^P\0\0\0\^Pqw\M-mP\M^VN\M-8\M-/\M-m\
\M-ry\^W\M-]\^Y\M-e\M-#\0\0\0\^P\M-&\f\^Y\M-ep\M-f\^R(:U\M-<d\M-qz\M^K\
\M^L\0\0\0\bhmac-md5\0\0\0\^A\0\0\0\^P\M^A\M-l\M-|\M^^\M^T\M-9i\M-Q\
\M-3\M-h\M-4\M-p+'\M^XL\0\0\0\0\0\0\0\0\0\0\0\^Dnone\0\0\0v\0\0\0
aes128-cbc0\M-:\^D\0\0\0\0\0\0\0\0\^P\0\0\0\^P}e \M^D\M-\\M-d\M^\^\M-'\
\M-"\M-g\^?\M-X\^R=\^O\0\0\0\^Py\M-/\M-+>\M^B=\M-p\M^[3\M-QW\M^C\M-9\
\240n\^S\0\0\0\bhmac-md5\0\0\0\^A\0\0\0\^P\M-n\M-XB\M^L\M-y2\M-[\M-;\
\M-c~\^_^\M^H\M-w\M-ti\0\0\0\0\0\0\0\0\0\0\0\^Dnone\0\0\0 \0\0\0\
\0\0\0\0\^O\0\0\0\^E\0\0\0 \0\0\0\0\0\0\0f\0\0\0\^E\0\0\0\0\0\0\0\
\0\0\0\08\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\
\0\0,n\^A\0\M^Qn\^A\0\0`\^E\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\08\0\0\0\0\0\
\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0,n\^A\0\M^Qn\^A\
\0\0`\^E\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
470 sshd RET read 1368/0x558
470 sshd CALL close(0x7)
470 sshd RET close 0
470 sshd CALL mmap(0,0x140000,0x3,0x1001,0xffffffff,0)
470 sshd RET mmap 5525504/0x545000
470 sshd CALL __sysctl(0xbffff884,0x2,0xa000df28,0xbffff88c,
0,0)
470 sshd RET __sysctl 0
470 sshd CALL munmap(0x56000,0x10000)
470 sshd RET munmap 0
470 sshd CALL wait4(0x1d7,0xbffffe68,0,0)
470 sshd RET wait4 471/0x1d7
470 sshd CALL setitimer(0,0xbffff930,0xbffff920)
470 sshd RET setitimer 0
470 sshd CALL sigaction(0xe,0,0xbffff928)
470 sshd RET sigaction 0
470 sshd CALL sigaction(0xe,0xbffff8f0,0)
470 sshd RET sigaction 0
470 sshd CALL socketpair(0x1,0x1,0,0xbffff938)
470 sshd RET socketpair 0
470 sshd CALL fcntl(0x6,0x2,0x1)
470 sshd RET fcntl 0
470 sshd CALL fcntl(0x7,0x2,0x1)
470 sshd RET fcntl 0
470 sshd CALL fork
470 sshd RET fork 475/0x1db
470 sshd CALL close(0x6)
470 sshd RET close 0
470 sshd CALL sigaction(0x1,0,0xbffff8f8)
470 sshd RET sigaction 0
470 sshd CALL sigaction(0x1,0xbffff8c0,0)
470 sshd RET sigaction 0
470 sshd CALL sigaction(0xf,0,0xbffff8f8)
470 sshd RET sigaction 0
470 sshd CALL sigaction(0xf,0xbffff8c0,0)
470 sshd RET sigaction 0
470 sshd CALL read(0x7,0xbffff8ac,0x4)
470 sshd GIO fd 7 read 4 bytes
"\0\0\0\^]"
470 sshd RET read 4
470 sshd CALL read(0x7,0x1808600,0x1d)
470 sshd GIO fd 7 read 29 bytes
";\0\0\0\^X/usr/libexec/sftp-server"
470 sshd RET read 29/0x1d
470 sshd CALL read(0x7,0xbffff8ac,0x4)
470 sshd GIO fd 7 read 4 bytes
"\0\0\0\^E"
470 sshd RET read 4
470 sshd CALL read(0x7,0x1808600,0x5)
470 sshd GIO fd 7 read 5 bytes
":\0\0\0\v"
470 sshd RET read 5
470 sshd CALL read(0x7,0xbffff8ac,0x4)
470 sshd GIO fd 7 read 4 bytes
"\0\0\0\^A"
470 sshd RET read 4
470 sshd CALL read(0x7,0x1808600,0x1)
470 sshd GIO fd 7 read 1 byte
"<"
470 sshd RET read 1
470 sshd CALL wait4(0x1db,0xbffff8ac,0,0)
470 sshd RET wait4 475/0x1db
470 sshd CALL exit(0)
If I didn't do what I was supposed to could you try to point me what
else I can do?
Thanks
jan
::: jan mazáč ::: www.hifi-web.com ::: +420 603 295 975 :::
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2415 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070923/33fa3878/attachment.bin
More information about the scponly
mailing list