yes, geteuid() could work, too, but why is ssh-agent running
with a privileged user id? shouldn't both the real and
effective user id be the uid of the user?
On Sun, Nov 03, 2002 at 08:49:02PM +0100, Alexander Leidinger wrote:
> Hi,
>
> [Markus: this is on FreeBSD-current with
> $OpenBSD: ssh-agent.c,v 1.105 2002/10/01 20:34:12 markus Exp $]
>
> I use pam_ssh in pam.d/xdm and after an update to todays -current, it
> doesn't add my key anymore. In /var/log/messages I see the following if
> I try a "ssh-add -l":
> ---snip---
> ssh-agent[6438]: error: uid mismatch: peer euid 1000 != uid 0
> ---snip---
>
> ssh-agent.c:after_select() contains:
> ---snip---
> if ((euid != 0) && (getuid() != euid)) {
> error("uid mismatch: "
> "peer euid %u != uid %u",
> (u_int) euid, (u_int) getuid());
> close(sock);
> break;
> }
> ---snip---
>
> As ssh_agent gets startet from pam_ssh in xdm (which runs as root ->
> getuid() = 0, geteuid() = 1000), it is obvious why it doesn't work.
>
> At the moment I have this piece of code commented out, but I think this
> should get changed to use geteuid() instead of getuid(). Or did I
> misunderstood the idea behind the above code?
>
> Bye,
> Alexander.
>
> --
> Loose bits sink chips.
>
> http://www.Leidinger.net Alexander @ Leidinger.net
> GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message