top | item 46969093

(no title)

dragonfax | 19 days ago

1. Start with root to bind the port below 1024.

2. Give up root because you don't need it any further.

3. Only accept non-root logins.

4. When a user creates a session, if they need root within the session they can obtain it via sudo or su.

acdha|19 days ago

That still needs a way to change users, and OpenSSH already has privilege separation. That hardens the process somewhat to reduce the amount of code running in the process which can change the uid for a session but fundamentally something needs permission to call setuid() or the equivalent.

accrual|19 days ago

Yes, but changing users is a function of the shell (or maybe more specifically /usr/bin/login), not the SSH daemon.

klempner|19 days ago

Congratulations, you've created a server that lets people have shells running as the user running telnetd.

You presumably want them to run as any (non root) user. The capability you need for that, to impersonate arbitrary (non-root) users on the system, is pretty damn close to being root.

samlinnfer|19 days ago

Well obviously each user just needs to run their own telnet daemon, on their own port of course.

wiml|19 days ago

You still need to have privileges to become the userid of the user logging in. OpenSSH does do privsep, but you still need a privileged daemon.

Aloha|19 days ago

I'm not sure that you need root because of the port - I think login itself needs to run as root, otherwise it can't login to anything other than the account it's running under.
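An added example, not part of the thread or any poster's code, showing the constraint the replies describe: a daemon that has already given up root can keep its own uid but gets EPERM when it tries to become another user. The names `become_user` and `try_login_as` are hypothetical, and the "other" uid in `main` is a constructed value (own uid + 1).

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1              /* exposes setgroups() in <grp.h> */
#endif
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently switch the calling process to uid/gid. Order matters:
 * supplementary groups and gid first, uid last, because once the uid is
 * dropped the process may no longer change the others.
 * Returns 0 on success, the failing step's errno, or -1 if root came back. */
static int become_user(uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && setgroups(0, NULL) != 0) return errno;
    if (setgid(gid) != 0) return errno;
    if (setuid(uid) != 0) return errno;
    /* Verify the drop is irreversible: regaining root must fail. */
    if (uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

/* Attempt the switch in a forked child, as a login daemon would per session,
 * so the parent's credentials are untouched. Returns the child's result
 * (0 or an errno value), or -1 if the child could not be run. */
static int try_login_as(uid_t uid, gid_t gid)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) _exit(become_user(uid, gid) & 0xff);
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    uid_t me = getuid();
    uid_t other = me + 1;              /* constructed target uid */
    printf("running as uid %ld\n", (long)me);
    printf("session as own uid   -> %d\n", try_login_as(me, getgid()));
    printf("session as other uid -> %d (EPERM is %d)\n",
           try_login_as(other, getgid()), EPERM);
    return 0;
}
```

Run as an ordinary user, the second attempt returns EPERM; run as root, both succeed, which is why some process in the login path has to keep that privilege.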