Retrieving authorized_keys via remote script
Michael J. Flickinger
mjflick at gnu.org
Wed Dec 21 01:01:48 EST 2011
On 12/20/11 7:21 AM, Peter Stuge wrote:
> Michael J. Flickinger wrote:
>>>>>> a clean and safe way to extend the authorized_keys functionality.
>>>>>
>>>>> How safe it is depends on what you execute I guess.
>>>>
>>>> You cannot really baby-sit the user though, they can already do
>>>> unsafe things...
>>>
>>> It's not about the user, but about root who runs sshd, and suddenly
>>> requires even more clue in order to run a tight ship.
>>>
>>> I completely understand being conservative with adding hooks and
>>> "plugins" in sshd.
>>
>> For what it's worth, the exec is not being run as root in that patch.
>
> This is good! It means that problems will affect users, and not the
> full system, but still there can be problems which will affect users.
>
>
> //Peter
Well, I believe that patch lets you specify a user to run the exec...
I'm not sure what can be done beyond that.
For what it's worth, whoever is running the system could do something
equally as bad with pam_exec.
More information about the openssh-unix-dev
mailing list