OpenSSH 3.7p1, PrivSep, and Tru64 broken (sorry)

Darren Tucker dtucker at
Sun Sep 21 22:41:17 EST 2003

Chris Adams wrote:
> This could also be a security problem for SIA authentication in general
> (any version of OpenSSH on Tru64, using PrivSep or not), as I wrote
> auth-sia.c to use setreuid() (per the Tru64 SIA documentation), so the
> saved UID carries forward there.
(patch to auth-sia.c)
> -       if (setreuid(geteuid(), geteuid()) < 0)
> -               fatal("setreuid: %s", strerror(errno));
> +       uid = geteuid();
> +       if (setuid(0) < 0)
> +               fatal("setuid: %s", strerror(errno));
> +       if (setuid(uid) < 0)
> +               fatal("setuid: %s", strerror(errno));
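
Review bot: after the final setuid(uid) in this hunk, nothing checks that the drop is permanent. Since the stated concern is the saved UID carrying forward, add a check after that call that getuid() and geteuid() both equal uid and, when uid is nonzero, that a further setuid(0) fails, calling fatal() otherwise. The intermediate setuid(0) also assumes the process can still become root at this point; where it cannot, the first fatal() fires, so that precondition deserves a comment. The two fatal() messages are identical ("setuid: %s"), so the log will not say which call failed; naming the target in each message would make that clear.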

Any reason not to use permanently_set_uid() here?

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
