changing group for root

Darren Tucker dtucker at zip.com.au
Tue Jan 11 18:05:17 EST 2005


Senthil Kumar wrote:
> Darren wrote,
> 
>> I think that's fixed in current.  You can either try a snapshot or 
>> apply this patch to 3.9p1.
> 
> Yes, it fixed me the problem. But why should we do the fix at this 
> condition in uidswap.c? If the real id of the user is 0, why cant we 
> skip this function `permanently_set_uid ` in ssh.c of OpenSSH 3.9p1?

In some configurations, ssh can be made setuid, so the 
permanently_set_uid can't be removed.

As for why fix it in uidwap.c and not elsewhere: the code in uidswap.c 
is called from multiple places.  I'd rather see *all* of those places 
call permanently_set_uid(pw) and have it Just Work (with as much sanity 
checking as possible) rather than have the calls conditionalized all 
over the place for different reasons.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.




More information about the openssh-unix-dev mailing list