ssh-agent allowing access to other users?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Apr 3 05:37:18 EST 2013


On 04/02/2013 02:23 PM, Ángel González wrote:

> As such parameter would have been equivalent to removing the getpeereid
> check, the access would have to be filtered by the permissions provided by
> the filesystem.

i'm not convinced by the idea that they're equivalent, but this is a
reasonable fourth interaction proposal:

 D) ssh-agent takes a new initial argument (e.g. --no-peer-id-check).
if this argument is present, then the getpeereid() check is skipped.
Users of this flag are expected to ensure that filesystem permissions
are set up properly to limit access.

This is probably the simplest/cleanest of the existing proposals for
approaching this use case so far.

> While brainstormin about changing the protocol, I'd like a change where
> the (claimed) target was provided (in a stackable fashion) to the agent.

This probably deserves a separate thread.  I don't know what you mean by
"stackable fashion" -- but if you start a separate thread about this,
i'd be happy to read and comment on it.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20130402/6c7ce872/attachment.bin>


More information about the openssh-unix-dev mailing list