Web lists-archives.com

Re: Logging-in using ssh elevates the user privilege.




On Mar  6 17:15, Corinna Vinschen wrote:
> On Mar  7 01:00, Takashi Yano wrote:
> > Hello,
> > 
> > I would like to report a problem of recent cygwin.
> > 
> > If a user logs in via ssh, the user aqcuires the elevated
> > privilege if the user belongs to Administrators group.
> 
> This is by design, and this is no new behaviour.  As soon as an admin
> account logs in, seteuid uses the elevated token.  Cygwin is doing that
> since 2015.

Actually, since 2010.

> 
> After all, from an ssh session there would be *no* chance to run
> administrative tasks if the user would only get a non-elevated token.
> There's no way to switch to the elevated token from an ssh session.


Corinna

-- 
Corinna Vinschen
Cygwin Maintainer

Attachment: signature.asc
Description: PGP signature