From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Prentis Brooks"
To: "cygwin"
Subject: RE: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]
Date: Tue, 30 May 2000 11:19:00 -0000
Message-id:
References: <3930E5F3.C71178F0@vinschen.de>
X-SW-Source: 2000-05/msg01083.html

Corinna, your patches work great, one last quick question, then I am done, I hope :).

There is apparently an RSAREF patch out there with a buffer overflow problem; I am still trying to track down the patch number. If you happen to know of it, did you apply that patch to the OpenSSL code? If you don't know of the one I am talking about, then I guess there is not much we can do until I find that patch number ;)

Thanks

-----Original Message-----
From: cygwin-owner@sourceware.cygnus.com [mailto:cygwin-owner@sourceware.cygnus.com] On Behalf Of Corinna Vinschen
Sent: Sunday, May 28, 2000 5:25 AM
To: Prentis Brooks
Cc: cygwin
Subject: Re: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]

Prentis Brooks wrote:
> different from what I was looking to do. Would you mind telling me how you
> solved the problem of unauthorized access to another account?
> (specifically, being able to login to RSA enabled SSHD even though your RSA
> key is not part of that SSHD's user's authorized_key file.)

Password authentication leads to a valid hToken, any other authentication leads to hToken == INVALID_HANDLE_VALUE. So after authentication I check for non-password authentication and equality of getuid() to uid of authenticated user.

==== SNIP ====
@@ -1498,6 +1529,13 @@ do_authloop(struct passwd * pw) break; } +#ifdef __CYGWIN__ + if (is_winnt && hToken == INVALID_HANDLE_VALUE && + authenticated && getuid() != pw->pw_uid) { + packet_disconnect("Authentication rejected for uid %d.", (int) pw->pw_uid); + authenticated = 0; + } +#endif /* Raise logging level */ if (authenticated || attempt == AUTH_FAIL_LOG ||
==== SNAP ====

Corinna

--
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com
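Review bot: the `is_winnt &&` gate means the uid check is skipped entirely when is_winnt is false, so on that path a non-password authentication (hToken == INVALID_HANDLE_VALUE) is still accepted for a pw->pw_uid that differs from getuid(), which is exactly the case the hunk is meant to reject; if the gate is intended because hToken is only meaningful on NT, say so in a comment next to the `#ifdef __CYGWIN__`, otherwise drop the gate or make the non-NT branch reject as well. Also, `authenticated = 0;` after `packet_disconnect(...)` is only reachable if packet_disconnect returns to the caller; if it terminates the connection the assignment is dead and the reject path can be simplified, and if it does return, a log line before the disconnect recording the rejected uid and the fact that it was a non-password method would make the event visible in the server log, which the disconnect message sent to the client does not.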