openssh on interix
Martin Koeppe
mkoeppe at gmx.de
Thu Nov 6 09:52:21 EST 2008
Hi openssh developers,
I'm trying to port openssh to Interix. See [1] for more on this.
For Interix sshd needs to be patched to not use setuid()/setgid(), but
an Interix specific function setuser(). See [2] why it is needed.
Unfortunately, setuser() needs the clear-text password of the user to
be fully functional (If you use password-less setuser(), then the
user doesn't have network access rights, e.g. no access to a network
home dir).
The problem is now: How to get the clear-text password from
auth-passwd.c:auth_password()
to
uidswap.c:permanently_set_uid()
where it would be needed as argument for setuser()?
See [3] for the patch I'm currently using. My first idea would be to
use the struct passwd pw_passwd field that is passed to
permanently_set_uid() for storing the clear-text password after
successful (password-)authentication.
Before looking into details I just want to ask:
Would such use of struct passwd be a security issue?
Many thanks in advance
Martin
[1] http://www.debian-interix.net/
[2] http://www.suacommunity.com/forum/tm.aspx?m=4663&mpage=1&key=setuserᮕ
[3] http://www.debian-interix.net/debian-interix/pool/unreleased35/main/o/openssh/openssh_4.7p1-9_4.7p1-9+interix.2.interdiff.gz
More information about the openssh-unix-dev
mailing list