Hello All, The changing of group for the root results in the following message with OpenSSH 3.9p1 "permanently_set_uid: was able to restore old [e]gid" The following change in uidswap.c fixes me the problem. /* Try restoration of GID if changed (test clearing of saved gid) */ - if (old_gid != pw->pw_gid && + if(getgid() != pw->pw_gid && (setgid(old_gid) != -1 || setegid(old_gid) != -1)) fatal("%s: was able to restore old [e]gid", __func__); Is there any problem with this approach? Thanks, Senthil Kumar. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.791 / Virus Database: 535 - Release Date: 11/8/2004
Senthil Kumar wrote:> Hello All, > > The changing of group for the root results in the following message with > OpenSSH 3.9p1 > "permanently_set_uid: was able to restore old [e]gid"What platform is this? -d
Damien wrote:>What platform is this?The problem occurs in hpux 11.11,11.23 but not in 11.00. To reproduce the problem login as root, change the group for root and try ssh. --Senthil Kumar. ----- Original Message ----- From: "Damien Miller" <djm at mindrot.org> To: "Senthil Kumar" <senthilkumar_sen at hotpop.com> Cc: "OpenSSH Devel List" <openssh-unix-dev at mindrot.org> Sent: Thursday, January 06, 2005 3:59 AM Subject: Re: changing group for root> Senthil Kumar wrote: >> Hello All, >> >> The changing of group for the root results in the following message with >> OpenSSH 3.9p1 >> "permanently_set_uid: was able to restore old [e]gid" > > What platform is this? > > -d > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.791 / Virus Database: 535 - Release Date: 11/8/2004
Possibly Parallel Threads
- [PATCH] permanently_set_uid: Don't try restoring gid on Cygwin
- OpenSSH-3.9p1 permanently_set_uid behavior on Linux
- uidswap.c breaks ssh when originating user is root
- Question about a recent change to uidswap.c in the portability snapshot
- [PATCH] Group mapping primary group SID update