Examining OpenSSH Sandboxing and Privilege Separation โ Attack Surface Analysis
The recent OpenSSH double-free vulnerability โ CVE-2023-25136, created a lot of interest and confusion regarding OpenSSHโs custom security mechanisms โ Sandbox and Privilege Separation. Until now, both of these security mechanisms were somewhat unnoticed and only partially documented. The double-free vulnerability raised interest for those who were affected and those controlling servers that use OpenSSH. โฆ