by redmail.netbsd.org with SMTP; 3 Nov 1999 22:17:31 -0000
	by Twig.Rodents.Montreal.QC.CA (8.8.8/8.8.8) id RAA17029;
	Wed, 3 Nov 1999 17:17:21 -0500 (EST)
Date: Wed, 3 Nov 1999 17:17:21 -0500 (EST)
From: der Mouse  <mouse@Rodents.Montreal.QC.CA>
Message-Id: <199911032217.RAA17029@Twig.Rodents.Montreal.QC.CA>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
To: tech-security@netbsd.org
Subject: Re: evil? sshd patch

>>> -          || (auth_rsa(getpwnam("root"), &n, &sensitive_data.random_state,
>>> +           || (auth_rsa(getpwuid(0), &n, &sensitive_data.random_state,
>> But which uid-0 account do you get?
> while i understand your point (doing accounting and stuff, blah blah
> blah) it really won't make much difference here, will it?

It may.  I may have multiple superuser logins, some of which are
captive in various ways; I need to specify, then, which one has "allow
ssh as anyone" power.

Or perhaps I want to set up a special account that can't normally be
sshed to at all (maybe it's got /bin/false as a shell or something) but
exists specifically to let me authorize certain keys as having the
power to authorize access as anyone - that is, the magic account
doesn't have to be a super-user.

>    ssh -t fooroot@some.machine.com su - someluser

Only if fooroot has a "normal" shell. :-)

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B