Hi, When sshd gets an incoming connection, it forks. The client continues to run as root. This client forwards ports to another computer as root, so when this computer performs an ident query, it gets "root" instead of the username. This is a known problem, I read the FAQ. My question is: has anyone managed to find a way around this problem? If there is no simple solution, I'm thinking of hacking the sshd so that, after user verification, the forked sshd will run under the id of the user. Are there any security reasons why I shouldn't do this? (Why was it written this way in the first place?) Thanks, Noella Pierlet
