Re: ssh-agent broken with pam_ssh for xdm (+ fix for ssh-agent.c)

2002-11-05 Thread Markus Friedl 
On Tue, Nov 05, 2002 at 03:01:02PM +0100, Dag-Erling Smorgrav wrote:
> Markus Friedl <[EMAIL PROTECTED]> writes:
> > yes, geteuid() could work, too, but why is ssh-agent running
> > with a privileged user id?  shouldn't both the real and
> > effective user id be the uid of the user?
> 
> ssh-agent is started by pam_ssh which is run under xdm's uid (i.e. 0).
> It switches to the user's egid and euid before starting ssh-agent.

but shouldn't it do something like
seteuid(getuid());
setuid(getuid());
executing ssh-agent?

> FreeBSD's execve() does not change the real user id (I don't think
> POSIX allows it) so ssh-agent has real user-id 0.  It should do
> setuid(geteuid()) early on to guard against this.  Alternatively,
> pam_ssh could use a home-grown privilege-dropping popen() instead of
> libc's popen() to start ssh-agent.
> 
> DES
> -- 
> Dag-Erling Smorgrav - [EMAIL PROTECTED]

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: ssh-agent broken with pam_ssh for xdm (+ fix for ssh-agent.c)

2002-11-04 Thread Markus Friedl 
yes, geteuid() could work, too, but why is ssh-agent running
with a privileged user id?  shouldn't both the real and
effective user id be the uid of the user?

On Sun, Nov 03, 2002 at 08:49:02PM +0100, Alexander Leidinger wrote:
> Hi,
> 
> [Markus: this is on FreeBSD-current with
> $OpenBSD: ssh-agent.c,v 1.105 2002/10/01 20:34:12 markus Exp $]
> 
> I use pam_ssh in pam.d/xdm and after an update to todays -current, it
> doesn't add my key anymore. In /var/log/messages I see the following if
> I try a "ssh-add -l":
> ---snip---
> ssh-agent[6438]: error: uid mismatch: peer euid 1000 != uid 0
> ---snip---
> 
> ssh-agent.c:after_select() contains:
> ---snip---
> if ((euid != 0) && (getuid() != euid)) {
> error("uid mismatch: "
> "peer euid %u != uid %u",
> (u_int) euid, (u_int) getuid());
> close(sock);
> break;
> }
> ---snip---
> 
> As ssh_agent gets startet from pam_ssh in xdm (which runs as root ->
> getuid() = 0, geteuid() = 1000), it is obvious why it doesn't work.
> 
> At the moment I have this piece of code commented out, but I think this
> should get changed to use geteuid() instead of getuid(). Or did I
> misunderstood the idea behind the above code?
> 
> Bye,
> Alexander.
> 
> -- 
>   Loose bits sink chips.
> 
> http://www.Leidinger.net   Alexander @ Leidinger.net
>   GPG fingerprint = C518 BC70 E67F 143F BE91  3365 79E2 9C60 B006 3FE7

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message