setuid for "ssh"
Gavin McDonald
gavitron at gmail.com
Sat Dec 31 19:56:18 UTC 2005
Not having a copy of the source in front of me, I would wager that ssh
explicitly sets itself to run with the permissions of the user. It's pretty
tight about security. I know you want to run it as root, but. why? Even
the docs I sent to you suggest a valid work-around to the problem you are
having - yet you still want to suid ssh.
-G
Regards,
Gavin McDonald
========================
EVI Logistic Enterprises
email: me at gavitron.com
phone: (604) 313-3845
_____
From: Sachin Bhugra [mailto:bhugra.sachin at gmail.com]
Sent: Friday, December 30, 2005 12:14 PM
To: General Red Hat Linux discussion list
Cc: callahant at tessco.com; gavitron at gmail.com
Subject: Re: setuid for "ssh"
Yes, actually i edited the ssh_config and sshd_config files and allowed
only ssh ver 1. Also, ssh looks for /etc/hosts.equiv or
/etc/ssh/shosts.equiv. I think "shosts.equiv" is specific to ssh and
"hosts.equiv" works for both rsh and ssh (pls correct me if i am wrong).
BTW, any idea why ssh is not running with the root permissions. i know its
dangerous, but...why? What i don't understand is /usr/bin/passwd also have
the same permissions and if we use "passwd" command it runs with the root
permissions then why not ssh, when it is also having the setuid bit set?
Regds,
Sachin
PS: I am using OpenSSH_3.6.1p2.
More information about the redhat-list
mailing list