This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: rshd chdirs before it sets uid and gid???
- To: Peter Buckley <peter dot buckley at cportcorp dot com>
- Subject: Re: rshd chdirs before it sets uid and gid???
- From: John Peacock <jpeacock at rowman dot com>
- Date: Fri, 05 Oct 2001 15:40:45 -0400
- CC: cygwin at cygwin dot com
- References: <3BBE0260.D1C3D596@cportcorp.com>
Peter Buckley wrote:
>
> I was looking at the source (rshd.c) and it
> seems backwards in the way it goes about doing
> things. It is trying to chdir to the remote
> user's home directory before it switches user
> context. That doesn't make sense- I thought
> the point of rsh was that *you* were supposed
> to be *you* and not system or root or anyone
> else.
Remember that rshd was written for the *nix world and only _ported_
to CygWin. Remember also that CygWin has only relatively recently
adopted NT security (and it still has to run under W98).
>
> This is how I understand what it is doing,
> please correct me if I am wrong.
>
> First, it checks if it is able to chdir to
> the home directory of the remote user-
>
> if (chdir(pwd->pw_dir) < 0) {
> (void) chdir("/");
> #ifdef __CYGWIN__
> syslog(LOG_INFO|LOG_AUTH,
> "%s@%s as %s: no home directory. cmd='%.80s'",
> remuser, hostname, locuser, cmdbuf);
> error("No remote directory.\n");
> exit(1);
> #endif
> }
>
> Then if CYGWIN is defined, it just exits?????
> Telnet does NOT do this, it just chdirs to "/"
> and allows you to continue.
That is why telnet is not considered to be a secure program (and other
reasons). Consider if somehow someone managed to log in as an account
that does not have a home directory on purpose (like most service
accounts); Since CygWin's security until very recently has been
Microsoft's (which is to say none at all), someone could wreak havoc
on a machine, just given that they can log in.
This is a security feature, not a bug, IMHO, and should not be
changed. Only after the cd should the setgid/uid be performed (which
had no real meaning/effect until 'ntsec' was perfected and still has
no meaning under non-NTFS disks).
>
> I am running into this problem because SYSTEM
> doesn't have rights to my home directory.
>
> It seems that the following bit of code should
> come BEFORE the chdir stuff, so SYSTEM doesn't need
> to have rights to EVERY user's home directory.
System is an NT artifact; it is supposed to be used for services that
require very little external rights (like to the filesystem) and to
have special internal rights (like act as part of the O/S). rshd is
still based in the *nix world where services are run as root until
they drop to user levels (for things like rshd and sshd).
Run rshd as an admin equivalent and everything will work fine. Better
yet, run sshd and delete rshd entirely.
HTH
John
--
John Peacock
Director of Information Research and Technology
Rowman & Littlefield Publishing Group
4720 Boston Way
Lanham, MD 20706
301-459-3366 x.5010
fax 301-429-5747
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/