[Bug 2873] New: AuthorizedKeysCommand with different user prevents fetching authorized keys

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu May 31 00:24:45 AEST 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2873

            Bug ID: 2873
           Summary: AuthorizedKeysCommand with different user prevents
                    fetching authorized keys
           Product: Portable OpenSSH
           Version: 7.7p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 3158
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3158&action=edit
make sure the cached group information belongs to the current UID

Originally filled in Red Hat bugzilla, which provides also whole
reproducer and analysis (credits to Renaud Métrich):

https://bugzilla.redhat.com/show_bug.cgi?id=1583735

In short, the AuthorizedKeysCommandUser code caches group list, which
is then used also for fetching the authorized keys itself, which
obviously does not work if the groups used do not overlap.

The same issue will probably exist with
AuthorizedPrincipalsCommandUser, but I do not have a reproduce for
this.

The correct solution should checking that the cached information about
groups is for the same UID we have in pw parameter. My proposed
solution is in the attachment.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list