Hi openssh developers,

I'm trying to port openssh to Interix. See [1] for more on this.

For Interix sshd needs to be patched to not use setuid()/setgid(), but
an Interix specific function setuser(). See [2] why it is needed.
Unfortunately, setuser() needs the clear-text password of the user to
be fully functional (If you use password-less setuser(), then the
user doesn't have network access rights, e.g. no access to a network
home dir).

The problem is now: How to get the clear-text password from
auth-passwd.c:auth_password()
to
uidswap.cermanently_set_uid()
where it would be needed as argument for setuser()?

See [3] for the patch I'm currently using. My first idea would be to
use the struct passwd pw_passwd field that is passed to
permanently_set_uid() for storing the clear-text password after
successful (password-)authentication.

Before looking into details I just want to ask:
Would such use of struct passwd be a security issue?


Many thanks in advance

Martin


[1] http://www.debian-interix.net/
[2] http://www.suacommunity.com/forum/tm...=setuser&#7061
[3] http://www.debian-interix.net/debian...2.interdiff.gz
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev