[Bug 2874] Privilege-dropping fails on some container systems

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Jul 6 14:35:02 AEST 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2874

--- Comment #3 from Darren Tucker <dtucker at dtucker.net> ---
Looking at the specification for seteuid it looks like those platforms
are not compliant.   IEEE Std 1003.1 both 2004 and 2018 Editions
specify the following reasons for seteuid to fail:

The seteuid() function shall fail if:

[EINVAL]
The value of the uid argument is invalid and is not supported by the
implementation.
[EPERM]
The process does not have appropriate privileges and uid does not match
the real user ID or the saved set-user-ID.

Neither of those seem to be applicable in this case though.

It makes me wonder if there any reason to still support ssh being
setuid at all these days.  Certainly the only use cases I can think of
are long dead.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list