[Bug 2276] AuthorizedKeysCommand: add an option for alternate owner
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Mar 3 19:54:32 AEDT 2015
https://bugzilla.mindrot.org/show_bug.cgi?id=2276
--- Comment #4 from Alon Bar-Lev <alon.barlev at gmail.com> ---
Rebased on top of master.
Can you please reply to question at comment#2? It will simplify the
implementation but I think there is potential security cost.
(In reply to Alon Bar-Lev from comment #2)
> (In reply to Damien Miller from comment #1)
> > I think it would be reasonable to relax the permission check to
> > allow the command to be owned by the user who started sshd as well
> > as root. I don't think another option is warranted or necessary.
>
> I thought that the original code was designed to block the user that
> ssh into local to modify the command, I did not want to violate this
> restriction.
>
> Did I understand incorrectly why we limit ownership?
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list