Web lists-archives.com

Re: Logging-in using ssh elevates the user privilege.




On Mar  7 01:00, Takashi Yano wrote:
> Hello,
> 
> I would like to report a problem of recent cygwin.
> 
> If a user logs in via ssh, the user aqcuires the elevated
> privilege if the user belongs to Administrators group.

This is by design, and this is no new behaviour.  As soon as an admin
account logs in, seteuid uses the elevated token.  Cygwin is doing that
since 2015.

After all, from an ssh session there would be *no* chance to run
administrative tasks if the user would only get a non-elevated token.
There's no way to switch to the elevated token from an ssh session.


Corinna

-- 
Corinna Vinschen
Cygwin Maintainer

Attachment: signature.asc
Description: PGP signature