3.0.2p1: all sshd processes owned by root
Jeff A. Earickson
jaearick at colby.edu
Fri Feb 15 02:57:54 EST 2002
Hi,
I installed 3.0.2p1 on our Solaris 8 systems this week (new to ssh),
and when I look at the process list for sshd, I see:
root 14547 1 0 10:35:29 ? 0:00 /opt/openssh/sbin/sshd
root 14548 14547 0 10:35:36 ? 0:01 /opt/openssh/sbin/sshd
Process 14547 is the deamon listening on port 22, but process 14548 is
my connection from elsewhere. I consider it a design flaw (cough, bug)
that this process is owned by root and not by the user who made the
connection, eg:
root 14547 1 0 10:35:29 ? 0:00 /opt/openssh/sbin/sshd
joeblow 14548 14547 0 10:35:36 ? 0:01 /opt/openssh/sbin/sshd
So, I looked at the source code for sshd. Why are there no setuid() and
setgid() calls in the code to change to the user, after the child process
is forked off to process the new connection? It looks like the uid and
gid of the user should be known after do_authentication() or
do_authentication2() has been called, so the ownership of the forked
daemon could be changed after this point. Why isn't it?
--- Jeff Earickson, Colby College
More information about the openssh-unix-dev
mailing list