Corinna Vinschen
2019-Feb-16 13:21 UTC
[PATCH] Cygwin: rel 3.0 drops requirement for privileged non-SYSTEM account
Seteuid now creates user token using S4U. We don't create a token
from scratch anymore, so we don't need the "Create a process
token"
privilege. The service can run under SYSTEM again.
---
contrib/cygwin/ssh-host-config | 15 +++++----------
1 file changed, 5 insertions(+), 10 deletions(-)
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config
index cc36ea102f42..2e15d02fbbc1 100644
--- a/contrib/cygwin/ssh-host-config
+++ b/contrib/cygwin/ssh-host-config
@@ -394,14 +394,8 @@ install_service() {
then
csih_get_cygenv "${cygwin_value}"
- if ( csih_is_nt2003 || [ "$csih_FORCE_PRIVILEGED_USER" =
"yes" ] )
+ if ( [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )
then
- csih_inform "On Windows Server 2003, Windows Vista, and above, the"
- csih_inform "SYSTEM account cannot setuid to other users -- a
capability"
- csih_inform "sshd requires. You need to have or to create a
privileged"
- csih_inform "account. This script will help you do so."
- echo
-
[ "${opt_force}" = "yes" ] && opt_f=-f
[ -n "${user_account}" ] && opt_u="-u
""${user_account}"""
csih_select_privileged_username ${opt_f} ${opt_u} sshd
@@ -412,11 +406,12 @@ install_service() {
csih_request "Do you want to proceed anyway?" || exit 1
let ++ret
fi
+ # Never returns empty if NT or above
+ run_service_as=$(csih_service_should_run_as)
+ else
+ run_service_as="SYSTEM"
fi
- # Never returns empty if NT or above
- run_service_as=$(csih_service_should_run_as)
-
if [ "${run_service_as}" =
"${csih_PRIVILEGED_USERNAME}" ]
then
password="${csih_PRIVILEGED_PASSWORD}"
--
2.20.1
David Newall
2019-Feb-17 04:17 UTC
[PATCH] Cygwin: rel 3.0 drops requirement for privileged non-SYSTEM account
On 16/2/19 11:51 pm, Corinna Vinschen wrote:> Seteuid now creates user token using S4U. We don't create a token > from scratch anymore, so we don't need the "Create a process token" > privilege. The service can run under SYSTEM again.It seems like your patch breaks OpenSSH on Windows Vista, Server 2003, and possibly others.? I oppose changes that needlessly break systems.
Corinna Vinschen
2019-Feb-17 09:02 UTC
[PATCH] Cygwin: rel 3.0 drops requirement for privileged non-SYSTEM account
On Feb 17 14:47, David Newall wrote:> On 16/2/19 11:51 pm, Corinna Vinschen wrote: > > Seteuid now creates user token using S4U. We don't create a token > > from scratch anymore, so we don't need the "Create a process token" > > privilege. The service can run under SYSTEM again. > > It seems like your patch breaks OpenSSH on Windows Vista, Server 2003, and > possibly others.? I oppose changes that needlessly break systems.- Windows 2003 isn't supported by Cygwin anymore - S4U has been introduced with Windows 2003 - Vista is newer than Windows 2003 Corinna -- Corinna Vinschen Cygwin Maintainer Red Hat -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20190217/891b1d90/attachment.asc>
Reasonably Related Threads
- [PATCH/cygwin]: Revised sshh-host-config script
- [PATCH] contrib/cygwin/ssh-host-config: Improve support for automated updates
- [patch/cygwin] contrib/cygwin/ssh-host-config
- [patch/cygwin]: Explicitely add user right to start service
- [PATCH] Update Cygwin service installer script for new Cygwin release