This is the mail archive of the cygwin mailing list for the Cygwin project.



sshd as a substitute for the suid bit on executables...



> From: Corinna Vinschen <corinna-cygwin@cygwin.com>
> Subject: Re: suid bit on executables?
>
> > On Mar 23 07:04, Richard Troy wrote:
> > I know
> > there's the SSHD code that could serve as an example, but it seems to
> > me that it's overkill for what I want [...]
>
> Nope.  There's nothing simpler than utilizing an existing and working
> piece of code instead of creating another application with its entirely
> new, own set of bugs.  IMO, using sshd is the way to go.
>
> Corinna

So, Corinna, you see it as simple... Before I start punching a tar-baby
and get all stuck in things, a few more keystrokes might be helpful...

One additional challenge that has just occurred to me in my particular
scenario is that in ordinary usage on Unix, my program that runs under
the suid bit eventually launches a Java program that creates display
windows and attaches to the keyboard/mouse in the usual way and the user
never knows it's running as the file owner and not them. Before I go
create a great solution that doesn't solve my real problem, I realize that
I am unfamiliar with the security demands, if any, Windows imposes in
such circumstances; please advise with your thoughts on this subject in
the scenario under discussion here if you can.

Next, I can see how an account that has a particular privilege that
provides all of the necessary access can have its shell re-directed to be
a particular program other than a usual shell (just update /etc/passwd,
right?) and can have a null passphrase providing a key-access
(passwordless access) to the desired account by other users, captured so
that they can't run anything else in the account. This is then followed up
with an alias that looks like the usual command but that instead performs
something like:

alias foo="ssh <target_username>@<localhost | 127.0.0.1 | hostname> "
# cmd line args trail and get passed along in the usual way

Such a solution would require _no_ additional coding, but a bit of
configuration instead - a perfectly workable solution if, in fact, the
resulting executing program can indeed open windows in the normal way on
the console display. (Non-Cygwin Q: Can, in fact, the shell be replaced
with an ordinary program and have the args passed like this? Or is there
another blessed method for "capturing" an account so it only runs one
program?)

Corinna, is this what you had in mind? (Anyone else with a good idea?)

As always, thank you very, very much - this is a big deal to me.

Richard

-- 
Richard Troy, Chief Scientist
Science Tools Corporation
rtroy@ScienceTools.com, 510-567-9957, http://ScienceTools.com/

---------- Forwarded message ----------
Date: Tue, 23 Mar 2004 16:04:08 +0100
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
Reply-To: cygwin@cygwin.com
To: cygwin@cygwin.com
Subject: Re: suid bit on executables?

On Mar 23 07:04, Richard Troy wrote:
> I know
> there's the SSHD code that could serve as an example, but it seems to me
> that it's overkill for what I want [...]

Nope.  There's nothing simpler than utilizing an existing and working
piece of code instead of creating another application with its entirely
new, own set of bugs.  IMO, using sshd is the way to go.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
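Added here as an example, not code from anyone in the thread: sshd's "forced command" mechanism is the standard way to capture an account so a key can only run one program while still passing the caller's arguments through, which is the question Richard raises about replacing the shell. The paths /usr/local/bin/foo and /usr/local/bin/foo-wrapper, the account name "target" and the sample key are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread: sshd's "forced command" mechanism as
# the way to capture an account so a key can only run one program, with the
# caller's arguments passed through. The paths /usr/local/bin/foo (the program
# that used to rely on suid) and /usr/local/bin/foo-wrapper are assumptions.

# Line for ~target/.ssh/authorized_keys, one per calling user's key. "restrict"
# (OpenSSH 7.2 and later) disables port, agent and X11 forwarding and pty
# allocation; command= makes sshd run the wrapper no matter what the client
# asked for, with the client's request exposed in $SSH_ORIGINAL_COMMAND.
authorized_keys_entry() {
    pubkey="$1"   # e.g. 'ssh-ed25519 AAAA... richard@laptop'
    printf 'restrict,command="/usr/local/bin/foo-wrapper" %s\n' "$pubkey"
}

# Validate the client's request. The forced command receives whatever the
# client typed as one string, so only "foo" followed by arguments made of
# letters, digits, dot, dash, underscore, slash and space is accepted. Shell
# metacharacters, quotes, newlines, another program name, or an empty request
# (the client asking for a login shell) all return 1. On success the command
# line to execute is printed.
validate_request() {
    req="$1"
    case "$req" in
        foo|foo\ *) ;;
        *) return 1 ;;
    esac
    args="${req#foo}"
    n_all=$(printf '%s' "$args" | wc -c)
    n_ok=$(printf '%s' "$args" | tr -cd 'A-Za-z0-9._/ -' | wc -c)
    [ "$n_all" -eq "$n_ok" ] || return 1
    printf '%s\n' "/usr/local/bin/foo$args"
}

# Body of /usr/local/bin/foo-wrapper: validate, log a refusal, then exec.
# Splitting $cmd on whitespace is safe here because validate_request has
# already excluded every quoting and metacharacter.
forced_command_main() {
    cmd=$(validate_request "${SSH_ORIGINAL_COMMAND-}") || {
        logger -t foo-wrapper "rejected: ${SSH_ORIGINAL_COMMAND-}"
        exit 1
    }
    exec $cmd
}

# Client side, as in the alias from the thread but naming the program so the
# wrapper sees "foo <args>":   alias foo='ssh target@localhost foo'
```

Note that the target account's shell must still be a real shell for sshd to run the forced command; the restriction comes from the authorized_keys options, not from /etc/passwd.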