ssh setuid changes.
Markus Friedl
markus at openbsd.org
Wed Jun 12 05:22:01 EST 2002
well i don't think it's worth the trouble,
since this code is only for rhosts-rsa.
for hostbased auth ssh no longer needs to
be setuid root.
-m
On Tue, Jun 11, 2002 at 11:17:31AM -0700, Darren Moffat wrote:
> >I'm still convinced that expressions as
> >
> > if (uid == 0)
> >
> >should be changed to a function call
> >
> > if (is_superuser (uid))
> >
> >which would allow to write platform dependent code in port-XXX.c
> >instead of having the need for #ifdef's.
>
> Taking it a step further the function could take an arugment that says why the
> check is being done (bind to priveleged port, read a file I don't own) and
> would setup the necessary privelege. This would allow systems that have fine
> grained privelege to use it, a subsequent call would be made to drop the
> privelege after it was no longer needed.
>
> --
> Darren J Moffat
>
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list