SECURITY: lshd leaks fd:s to user shells

Niels Möller nisse at
Fri Jan 20 17:44:07 CET 2006

Stefan Pfetzing noticed that lshd leaks a couple of file descriptors,
related to the randomness generator, to user shells which are started
by lshd.

This is a security problem, in at least two ways:

* A user can truncate the server's seed file, which may prevent the
  server from starting.

* By reading the file, a user can get information that may be useful
  for cracking other users' session keys, as well as public keys that
  are generated from the disclosed seed file. (To understand what the
  impact is, one must understand how yarrow generates and uses the
  seed file. My initial analysis is that reading the seed-file is
  advantageous only if it is read just prior to the start of some
  process using the seed for initialization.)

This is a local hole. It provides for fairly easy denial of service by
local users, and with some more effort, maybe also cracking of session

The below patch, relative to lsh-2.0.1, seems to solve the problem.
After applying the patch, you should remove and then regenerate the
server's seed file (since users may still have open fd:s), and restart

I hope to be able to put together a new release sometime next week.
I'll be off-line over the weekend. In the meantime, feel free to
inform other distributors and appropriate security fora about the

Sorry for the inconvenience,

*** unix_random.c.~1.17.~	2004-11-17 22:13:27.000000000 +0100
--- unix_random.c	2006-01-20 14:26:05.000000000 +0100
*** 258,263 ****
--- 258,264 ----
        if (self->device_fd < 0)
  	return 0;

+       io_set_close_on_exec(self->device_fd);
        self->device_last_read = now;
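Review bot: the close-on-exec flag is applied with a separate call after self->device_fd is already open, so any fork/exec that happens between the open and this line would still hand the device descriptor to the child; that is fine if this code runs before lshd spawns anything, but a short comment stating that assumption would help the next reader. It would also be worth checking the result of io_set_close_on_exec rather than continuing silently, since a failure here quietly reintroduces the leak. A cheap regression check after applying the patch is to run a command through the server and list the resulting shell's open descriptors, confirming only 0, 1 and 2 remain.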

*** 381,386 ****
--- 382,388 ----
  	return NULL;

+     io_set_close_on_exec(self->seed_file_fd);
      trace("random_init, reading seed file...\n");

      if (!read_initial_seed_file(&self->yarrow, self->seed_file_fd))
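Review bot: placing the call after the `return NULL` error path is correct, since it only ever runs on a valid self->seed_file_fd. Two things to confirm: that no code path forks between the open and this line (the flag closes the descriptor across exec only, not across fork), and, as defense in depth for the truncation and disclosure cases described in the mail, that the seed file is created owner-only (mode 0600), because close-on-exec stops inheritance but not direct access by a user who can read the path. The advice above to regenerate the seed file after upgrading, since users may still hold open descriptors from before the fix, deserves a line in the release notes.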
