Mailing List Archive

[Bug 3470] New: Cannot run SSH with a different effective userid
https://bugzilla.mindrot.org/show_bug.cgi?id=3470

Bug ID: 3470
Summary: Cannot run SSH with a different effective userid
Product: Portable OpenSSH
Version: v9.0p1
Hardware: 68k
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs@mindrot.org
Reporter: jbien@cisco.com

Trying to run ssh from a setuid application, but it always tries to use
the .ssh directory for the real user (which it cannot read), instead of
the effective user.

ssh.c is hard-coded to always use the UID to determine the home
directory:
    pw = getpwuid(getuid());

Is there a security concern with allowing the user to specify their
.ssh folder? Or at least use geteuid() instead of getuid()?

Documentation made me believe the homedir was based on the USER
environment variable ("USER Set to the path of the user's home
directory"), but now I see the ENVIRONMENT section of the manpage
specifies the variables it sets (unlike most ENVIRONMENT sections that
mention variables that affect the operation).

_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
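
Added example, not part of the bug report and not OpenSSH code: a small C program that shows which .ssh directory each of the two lookups discussed above selects, and whether the process could actually use it. The helper names (ssh_dir_for_uid, ids_differ, usable_as_effective) are illustrative assumptions; the permission test uses faccessat() with AT_EACCESS because file opens are checked against the effective ids, not the real ones.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* Write "<pw_dir>/.ssh" for uid into buf. Returns 0 on success, -1 if the
 * uid has no passwd entry or the path does not fit in buf. */
int ssh_dir_for_uid(uid_t uid, char *buf, size_t buflen)
{
    struct passwd pwd, *res = NULL;
    char scratch[4096];
    if (getpwuid_r(uid, &pwd, scratch, sizeof(scratch), &res) != 0 || res == NULL)
        return -1;
    int n = snprintf(buf, buflen, "%s/.ssh", pwd.pw_dir);
    return (n < 0 || (size_t)n >= buflen) ? -1 : 0;
}

/* 1 when real and effective ids differ, as in a setuid or setgid program. */
int ids_differ(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* 1 when path can be read and searched with the EFFECTIVE ids, which are
 * the ids that open(2) and opendir(3) are checked against. */
int usable_as_effective(const char *path)
{
    return faccessat(AT_FDCWD, path, R_OK | X_OK, AT_EACCESS) == 0;
}

/* Report what one lookup selects and whether this process can use it. */
static void report(const char *label, uid_t uid)
{
    char dir[4200];
    if (ssh_dir_for_uid(uid, dir, sizeof(dir)) != 0)
        printf("%-20s uid=%ld: no usable passwd entry\n", label, (long)uid);
    else
        printf("%-20s uid=%ld: %s (usable: %s)\n", label, (long)uid, dir,
               usable_as_effective(dir) ? "yes" : "no");
}

int main(void)
{
    printf("real and effective ids differ: %s\n", ids_differ() ? "yes" : "no");
    report("getpwuid(getuid())", getuid());   /* the lookup quoted from ssh.c */
    report("getpwuid(geteuid())", geteuid()); /* the alternative the report asks about */
    return 0;
}
```

Run without setuid, both lines report the same directory; they diverge only when the real and effective uids differ.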