[Bug 2885] New: sshd is not using chroot and privsep on default cygwin install any more
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Jul 24 02:41:44 AEST 2018
https://bugzilla.mindrot.org/show_bug.cgi?id=2885
Bug ID: 2885
Summary: sshd is not using chroot and privsep on default cygwin
install any more
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Cygwin on NT/2k/W7/W8/W10
Status: NEW
Severity: security
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: Christian.Lupien at USherbrooke.ca
I think that since commit d13281f2964abc5f2e535e1613c77fc61b0c53e7
sshd under cygwin is no longer using privsep by default.
I was trying to test which sshd account the program was using for
privsep (I had a local and a domain sshd account). However I was unable
to see any use of it (nor any errors). I looked at the "ps -a" output,
also at the output of "sshd -d -d -d" and even tried strace but could
not find it anywhere.
I then looked at the code. Most the places in the code where
getuid() == 0
is used it the code is special cased for cgywin but the change
introduced by the commit d13281f2964abc5f2e535e1613c77fc61b0c53e7 did
not.
Therefore, privsep under cygwin seems to be disabled unless the account
under which sshd is executed is forced to have uid=0 (by changing the
/etc/passwd file).
I did try the forcing uid=0 in the passwd file and that worked (I saw
the sshd account being used and chroot executed.)
I have not tried modifying the code and recompiling it but probably
replacing (part of line 1734)
getuid() == 0 || geteuid() == 0
with
platform_privileged_uidswap()
would work.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list