openssh unix dev - Sep 2002 - [Bug 395] New: ident-protocol gives "root" as connection owner

http://bugzilla.mindrot.org/show_bug.cgi?id=395

           Summary: ident-protocol gives "root" as connection owner
           Product: Portable OpenSSH
           Version: older versions
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: bibjah at bg.bib.de


When I tunnel a connection through openssh and the server tries to figure out
who is making the connection, it asks the local identd "who is running
sshd"
instead of asking the remote identd (on the originating system) "who is
running the program connecting".

Therefore, all server programs relying on identd will believe that all tunneled
connections come from local user "root". I think this is a severe
security
flaw.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.