On Jul 22 23:32, Darren Tucker wrote: > On Fri, Jul 22, 2016 at 10:18 PM, Corinna Vinschen <vinschen@xxxxxxxxxx> wrote: > [...] > > Hmm. If that only affects Cygwin, and if defines.h is not synced anyway, > > what about getting rid of the configure stuff entirely? > > > > Tested counterproposal: > > Looks reasonable. It's late here so I'm going to look at it tomorrow. Thank you. > > As for the comment preceeding the definition, I didn't change it from > > your text in my proposal. However. > > > > I'd like to outline that IPPORT_RESERVED == 1024 still makes sense in > > terms of the implementation of bindresvport_sa and rcmd. It's not just > > backward compatibility. There are also applications out there which > > still expect this value to make sense. > > Fair point. > > > The *real* problem here is that OpenSSH checks for uid 0 before allowing > > to bind a socket to a port < IPPORT_RESERVED, rather than letting the OS > > decide if the current user is allowed to bind that port. > > From my POV this check in OpenSSH is gratuitious and it's the real reason > > we have this problem at all. > > In the case of sshd running with privsep off, the process doing the > binding is still running as root and I suspect those checks date back > to when it was always running as root. It could probably > temporarily_use_uid() though. I think this is a very good idea. As has been discussed more than once on this list, Cygwin^WWindows isn't the only OS allowing more than a single administrativ account. Alternatively the system supports fine-grained account-based permissions or per-executable capabilities. For example, think raw sockets and ping/ping6. You don't have to be admin to open a raw socket if the OS supports capabilities, nor does the application has to be a setuid application, as on Linux: $ ls -l /usr/bin/ping -rwxr-xr-x 1 root root 44752 Nov 19 2015 /usr/bin/ping $ getcap /usr/bin/ping ping = cap_net_admin,cap_net_raw+ep Checking for uid 0 only makes limited sense, and only on very traditional UNIX systems. Corinna -- Corinna Vinschen Cygwin Maintainer Red Hat
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
