Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 2 Sep 2000 18:09:48 -0400 (EDT)
From:      Robert Watson <rwatson@FreeBSD.ORG>
To:        "Jacques A. Vidrine" <n@nectar.com>
Cc:        Neil Blakey-Milner <nbm@mithrandr.moria.org>, Dan Nelson <dnelson@emsphone.com>, sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG
Subject:   Re: setuid ssh should die (Re: Request for review: nsswitch)
Message-ID:  <Pine.NEB.3.96L.1000902180724.60028G-100000@fledge.watson.org>
In-Reply-To: <20000902164819.B1497@hamlet.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sat, 2 Sep 2000, Jacques A. Vidrine wrote:

> On Sat, Sep 02, 2000 at 05:45:14PM -0400, Robert Watson wrote:
> > > @@ -546,6 +546,10 @@
> > >  	}
> > >  	/* Disable rhosts authentication if not running as root. */
> > >  	if (original_effective_uid != 0 || !options.use_privileged_port) {
> > > +		if (options.rhosts_authentication ||
> > > +		    options.rhosts_rsa_authentication)
> > > +			log("Warning: rhosts disabled - "
> > > +			    "insufficient privileges");
> > >  		options.rhosts_authentication = 0;
> > >  		options.rhosts_rsa_authentication = 0;
> > >  	}
> > 
> > That sucks.  Don't do that. :-)
> 
> I didn't.  That is a patch for OpenSSH's ssh.c, just adding a warning.

Sorry about that -- in any case, we should probably correct that issue. 
If no one else does, I'll get to it on the capability patch sooner or
later.  I've been picking up a lot of similar limits elsewhere in the
system: it's fine for userland applications to use uid's to enforce
application policies, but short-circuiting kernel access control results
in userland can make it difficult to modify the kernel policy later.  The
two policy realms are really fairly different: su's wheel limitation for
root access is an example of an application policy limiting the scope of
access to kernel resources in a useful way.  SSH checking whether it
thinks the kernel will let it read a key file or bind a port is less so. 


  Robert N M Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1000902180724.60028G-100000>