expire checks
Damien Miller
djm at mindrot.org
Sat Apr 27 13:23:07 EST 2002
On Fri, 26 Apr 2002, Chris Adams wrote:
> Once upon a time, Damien Miller <djm at mindrot.org> said:
> > > I've been meaning to ask: what exactly _is_ privsep (is there some
> > > documentation somewhere)? I'll see how things go on OSF/1 aka Tru64
> > > with privsep as soon as I know how to try. :-)
> >
> > http://www.citi.umich.edu/u/provos/ssh/privsep.html
>
> Okay, I'm looking at this now. One suggestion: it could use a little
> more documentation (things like "/var/empty" and such).
>
> I'm still trying to get a handle on how privsep works in the code; any
> suggestions for how to handle this?
The picture on the above website descibes the flow pretty well. In the
code, the unprivileged child calls functions in monitor_wrap.c which
pass requests to the privileged parent over a socket, these requests
are demarshalled and processed in monitor.c.
The PRIVSEP(func) macro will execute either func() or mm_func() (from
monitor_wrap.c) depending on whether use_privsep is activated.
> However, it does not work on Tru64. The problem is that
> session_setup_sia(), currently called from session.c/do_child(), needs
> to run as root. It accesses the protected password database to verify
> the account is active and to log the access (most recent access is
> logged in the protected password database).
This looks very similar to what we do for pam_start. Have a look at
monitor_mm.c and monitor_wrap.c to see how this is passed from child
to parent.
-d
More information about the openssh-unix-dev
mailing list