ssh setuid changes.
Ben Lindstrom
mouring at etoh.eviladmin.org
Wed Jun 12 02:30:42 EST 2002
Ok, I'm doing a heads up here.
I just applied:
- markus at cvs.openbsd.org 2002/06/11 04:14:26
[ssh.c sshconnect.c sshconnect.h]
no longer use uidswap.[ch] from the ssh client
run less code with euid==0 if ssh is installed setuid root
just switch the euid, don't switch the complete set of groups
(this is only needed by sshd). ok provos@
A few comments about this..
1. I bet dollars to donuts that platforms with problems recovering from
set[e]uid() changes (NeXT,etc).
2. ssh_create_socket() changed slightly, which should only affect Cygwin.
However, looking at the code I think it just needs a glance over by the
porter to ensure no additional work is needed.
sshconnect.c:
@@ -297,26 +295,14 @@
host, ntop, strport);
/* Create a socket for connecting. */
- sock = ssh_create_socket(pw,
-#ifdef HAVE_CYGWIN
- !anonymous,
-#else
- !anonymous && geteuid() == 0,
-#endif
+ sock = ssh_create_socket(needpriv, ai->ai_family);
If there is problems with having ssh setuid please speak up and
preferable with a patch so I don't have to suffer at the hands of my poor
68k-25mhz box.=)
- Ben
More information about the openssh-unix-dev
mailing list