[scponly] PATCH: support for multiple users with the same uid
Kaleb Pederson
kibab at icehouse.net
Thu Jul 12 22:36:04 EDT 2007
Steve,
I have accepted your patch. Although I disagree with multiple users having
the same uid (and think it's probably a fairly obscure feature), I believe
this patch does provide more correct behavior when people do have multiple
users with the same uid.
There is a chance that it will not make it into the next version of scponly as
I haven't yet talked to the other developers, but I expect it will remain.
Thanks for your help.
--Kaleb
On Monday 04 June 2007, Steve Kehlet wrote:
> The attached patch to scponly provides support for multiple users
> with the same unix user id. Please let me know what you think.
>
> Patch notes: instead of doing a getpwuid(getuid()) to retrieve passwd
> information (which will return incorrect home directory/jail
> information for all but the first user with the matching uid), this
> patch changes scponly to first check for the USER environment
> variable (which is set by sshd), and if found, looks up the passwd
> entry via getpwnam(). As a sanity check, the uid value found is
> verified against getuid(). If it doesn't find USER (for whatever
> reason) it falls back to the previous behavior.
>
> It seems like no more than the usual concerns apply, in particular
> watch your AcceptEnv and PermitUserEnv, make sure the user can't
> write to his ~/.ssh directory, etc. However even on a poorly set up
> system, where somehow the user was able to pass in an arbitrary USER
> value, 1. if the uid obtained from passwd doesn't match getuid(), the
> user is disconnected, or 2. if the uid is a match then the behavior
> is no worse than it is now where the user gets the home dir info from
> the first passwd entry with a matching uid, quite likely someone else.
>
> I acknowledge sharing uids in general is not considered a best
> practice, but it's a nice solution for what I'm doing (I'll spare you
> the details). As far as I can tell, the above change seems safe,
> provides arguably more correct/expected behavior, and may be useful
> for others too. But, I submit it here for review, so please post if
> you see something I haven't or if you otherwise disagree :-).
> Hopefully you'll like the patch and merge it in. Many thanks, I
> think scponly is a very handy package.
>
> Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070712/0d327a5b/attachment.bin
More information about the scponly
mailing list