Re: SSH_PRIVSEP_USER configurable at runtime?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Apr  2 13:37, Peter Stuge wrote:
> Corinna Vinschen wrote:
> > On non-domain machines the account
> > name will be "sshd", not "${machine}+sshd".  Except if the admin
> > specifies that the domain is always prepended, which makes it
> > "${machine}+sshd" again.  And if the admin specifies the separator char
> > to be not '+' but, for instance '#', the account name will be
> > "${machine}#sshd".
> > 
> > All that knowledge would have to go into sshd.c.
> 
> FWIW I think this is the right solution.

Hmm.  Come to think of it, SSH_PRIVSEP_USER could be defined as a macro
calling a function which returns the username.  And configure.ac could
define SSH_PRIVSEP_USER as, say, cygwin_privsep_user() by default, when
built for Cygwin so the ugly details could be hidden in bsd-cygwin_util.c.

The Cygwin changes are still in an early stage of testing, but I'll
come back to this.


Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat

Attachment: pgpWcYLFnrDxT.pgp
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux