Kevin Kofler via devel wrote:
> Dominique Martinet wrote:
>> Before making each of these safer we should make sshd not link with so many things in the first place.
> Indeed. E.g., Arch Linux does not transitively link sshd against liblzma. Fedora does because of this innocuous-looking patch: https://src.fedoraproject.org/rpms/openssh/blob/rawhide/f/openssh-7.4p1-syst... which is what ultimately allowed this to happen. This drags in libsystemd for sd_notify, and libsystemd is linked to way too much stuff including liblzma. Either we need a split libsdnotify that contains only sd_notify, or we should just stop using sd_notify at all.
Upstream openssh-portable has a proposed patch which simply implements the sdnotify protocol directly. That would provide the benefits with none of the over-linking risk.
https://bugzilla.mindrot.org/show_bug.cgi?id=2641#c13
It could use some review from distro folks familiar with sshd systemd integration.
(The wider point about splitting the sdnotify functionality is still quite useful, to avoid everyone re-implementing the same thing and possibly adding bugs in _that_ process.)
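As an added illustration of the approach the reply describes (this is not the proposed upstream patch, nor code from OpenSSH or systemd): a minimal sd_notify in plain C that speaks the notification protocol over the AF_UNIX datagram socket named in $NOTIFY_SOCKET, so a daemon needs no libsystemd and therefore none of its transitive dependencies such as liblzma. The names notify_systemd and notify_selftest are chosen here, and the self-check binds a constructed throwaway socket under /tmp to play the service manager's role.

```c
#define _POSIX_C_SOURCE 200809L   /* for setenv/unsetenv under strict -std=c11 */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>
/* Send one notification datagram to the AF_UNIX socket named by $NOTIFY_SOCKET.
 * Returns 1 if sent, 0 if NOTIFY_SOCKET is unset (not under systemd), -1 on error. */
int notify_systemd(const char *state)
{
    const char *path = getenv("NOTIFY_SOCKET");
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    size_t plen, slen = strlen(state);
    int fd, ret = -1;
    if (!path || !*path) return 0;
    plen = strlen(path);
    if (plen >= sizeof addr.sun_path) return -1;   /* name does not fit sun_path */
    memcpy(addr.sun_path, path, plen);
    if (path[0] == '@') addr.sun_path[0] = '\0';    /* '@' = abstract-namespace socket */
    if ((fd = socket(AF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0) return -1;
    if (sendto(fd, state, slen, MSG_NOSIGNAL, (struct sockaddr *)&addr,
               (socklen_t)(offsetof(struct sockaddr_un, sun_path) + plen)) == (ssize_t)slen)
        ret = 1;   /* only libc was needed: no libsystemd, so no liblzma etc. linked in */
    close(fd);
    return ret;
}

/* Self-check with a constructed fixture: bind a throwaway datagram socket, point
 * NOTIFY_SOCKET at it, send READY=1 and read back what a service manager would see. */
int notify_selftest(char *out, size_t outlen)
{
    char path[64];
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    int srv, r = -1;
    ssize_t n = -1;
    snprintf(path, sizeof path, "/tmp/notify-test-%ld", (long)getpid());
    strncpy(addr.sun_path, path, sizeof addr.sun_path - 1);
    if ((srv = socket(AF_UNIX, SOCK_DGRAM, 0)) >= 0 &&
        bind(srv, (struct sockaddr *)&addr, sizeof addr) == 0) {
        setenv("NOTIFY_SOCKET", path, 1);
        if ((r = notify_systemd("READY=1\n")) == 1)
            n = recv(srv, out, outlen - 1, 0);   /* the datagram as systemd receives it */
        unsetenv("NOTIFY_SOCKET");
    }
    if (srv >= 0) { close(srv); unlink(path); }
    out[n < 0 ? 0 : n] = '\0';
    return n < 0 ? -1 : r;
}
```

Building this with `-Wl,--as-needed` and checking `ldd` on the binary is the practical verification: no libsystemd, and hence no liblzma, should appear.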