ssh

Daniel Bye freebsd-questions at slightlystrange.org
Wed Oct 31 08:17:11 PDT 2007


On Wed, Oct 31, 2007 at 03:23:57PM +0100, Michael Grant wrote:
> > Yeah, I misread your problem. Are you saying that you want to su to root,
> > but still have some variables set as they were on the account you sued from?
> > So you have a user named Michael, say, and you su to root, but when you ssh
> > you want Michael's .ssh to be the effective one?
> 
> Well sort of.  When I su, $HOME is set to my homedir and $USER set to
> mgrant.  This is fine.  However, ssh (when sued) doesn't read
> $HOME/.ssh, it reads /root/.ssh. And it's not defaulting to logging
> into the remote machine as $USER, it tries to log in as root.  It does
> this because it's hardwired in the code more or less as follows (I've
> extracted the relevant code from ssh.c):
> 
>     original_real_uid = getuid();
>     pw = getpwuid(original_real_uid);
>     sprintf(buf, "%s/%s", pw->pw_dir, "ssh-config");
>     read_config_file(buf);
>     options.user = strdup(pw->pw_name);
> 
> Like I said, it seems like a bug to me.  Personally I would have done
> a getenv("HOME") and getenv("USER") myself instead of depending on the
> userid.  Probably they had good reason for doing it the way they did
> it.

Probably to do with the fact that both $HOME and $USER can be set by the
user to any arbitrary value:

[daniel at torus:~] --->$ echo $USER $HOME
daniel /home/daniel
[daniel at torus:~] --->$ USER=root
[daniel at torus:~] --->$ HOME=/root
[daniel at torus:/home/daniel] --->$ echo $USER $HOME
root /root
[daniel at torus:/home/daniel] --->$ cd
[daniel at torus:~] --->$ pwd
/root

Not so good for security!

Dan

-- 
Daniel Bye
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \
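
Added example, not part of the original message and not OpenSSH code: a small C program that resolves the user name and home directory both ways discussed in this thread, from the environment and from the passwd entry for the real uid, and reports whether they disagree. The struct and function names are hypothetical and the USER/HOME values are constructed.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

struct identity { char user[64]; char home[256]; };

/* Caller-controlled: returns whatever USER and HOME were exported as. */
int identity_from_env(struct identity *id)
{
    const char *u = getenv("USER"), *h = getenv("HOME");
    if (u == NULL || h == NULL)
        return -1;
    snprintf(id->user, sizeof id->user, "%s", u);
    snprintf(id->home, sizeof id->home, "%s", h);
    return 0;
}

/* Not caller-controlled: keyed on the real uid, as in the quoted extract. */
int identity_from_uid(struct identity *id)
{
    struct passwd *pw = getpwuid(getuid());
    if (pw == NULL)
        return -1;              /* the uid has no passwd entry */
    snprintf(id->user, sizeof id->user, "%s", pw->pw_name);
    snprintf(id->home, sizeof id->home, "%s", pw->pw_dir);
    return 0;
}

/* 1 = environment disagrees with passwd, 0 = agrees, -1 = cannot tell. */
int env_disagrees(void)
{
    struct identity e, p;
    if (identity_from_env(&e) != 0 || identity_from_uid(&p) != 0)
        return -1;
    return strcmp(e.user, p.user) != 0 || strcmp(e.home, p.home) != 0;
}

int main(void)
{
    struct identity e, p;
    /* Constructed values, standing in for the USER= and HOME= lines above. */
    setenv("USER", "constructed-user", 1);
    setenv("HOME", "/constructed/home", 1);
    if (identity_from_env(&e) == 0 && identity_from_uid(&p) == 0)
        printf("env:    %s %s\npasswd: %s %s\n", e.user, e.home, p.user, p.home);
    printf("disagree: %d\n", env_disagrees());
    return 0;
}
```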