[Bug 1060] ~/.ssh/config check too strict on systems with per-user groups

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jul 4 10:50:34 EST 2005


------- Additional Comments From djm at mindrot.org  2005-07-04 10:50 -------
(In reply to comment #3)
> (In reply to comment #2)
> > I don't like these complex heuristics, especially since they depend on
> > properties of the user and group name.
> The only reason the user name is used is because struct group only lets you
> inspect group membership by means of the user name.

No, I was referring to:

+			else if (gr->gr_mem[0]) {
+				if (strcmp(pw->pw_name, gr->gr_mem[0]) ||
+				    gr->gr_mem[1])

where you make decisions on the group name being the same as the user name. 

> > Why can't you just warn your users? (suggestion 5 in the Debian bug).
> The test is wrong for us and causes ssh not to work *by default* as soon
> as you create a client config file, unless you take measures which aren't 
> clearly documented in the error message 

"Bad owner or permissions on /home/djm/.ssh/config" is pretty clear. Not many
error messages on Unix include detailed remedial instructions (I can't think of
one off the top of my head). The ssh(1) manpage makes it quite clear what those
permission needs to be.

> and ought to be unnecessary in any case. I do
> not believe that giving up and merely documenting the problem is a valid
> response from me to this bug report.

I wouldn't characterise warning your users of a potentially dangerous
misconfiguration of their software as "giving up"; it is a perfectly appropriate

> Suggestion 5 is about trawling through users' home directories on package

oops, I meant suggestion 6.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-bugs mailing list