PAM Service Name Patch

David Terrell dbt at meat.net
Tue Apr 17 08:48:58 EST 2001


On Mon, Apr 16, 2001 at 06:40:55PM -0400, Jim Knoble wrote:
> If I recall, there were concerns voiced that a local user would be able
> to create a link to sshd using a different service name which would be
> handled by a more lenient PAM configlet (such as 'other').
> 
> I believe the response was that that didn't really matter, since local
> users would have to have privilege to begin with in order to run sshd
> such that they could take advantage of the link to gain privilege.
> Chicken-and-egg.
> 
> Anyone else remember differently?

If a local user can make a hardlink and run sshd with some privilege,
they can compile their own sshd with their own PAM config option and
run it with some privilege.  The only time this could possibly be 
an issue is if you're running something that's setuid (on the authenticating
side, a setuid ssh client obviously makes no difference)... and anybody
with a setuid sshd deserves all the trouble they get.

-- 
David Terrell           | "We must go forward, not backwards; upwards,
Nebcorp Prime Minister  | not forwards; and always twirling, twirling,
dbt at meat.net            | twirling towards freedom!"
http://wwn.nebcorp.com/ |  - The Simpsons



More information about the openssh-unix-dev mailing list