OpenSSH with Wilkinson patch on Mac OS X 10.2

Sam Hartman hartmans at MIT.EDU
Sun Sep 29 20:21:00 EDT 2002

>>>>> "Steven" == Steven Michaud <smichaud at> writes:

    Steven> By bootstrap server do you mean the sshd child process
    Steven> that runs as the client and handles terminal emulation on
    Steven> the server side?  If so, you're right.

No, I do not.
    Steven> By the way, do you think that seteuid() and setegid() are
    Steven> misbehaving on OS X?  Would I have had to go to the same
    Steven> lengths on a different OS?

No.  I suspect that seteuid is working as well as it can given the OSX

One annoying problem is that you really want the credentials to be
written out before PAM modules are called so that PAM modules can use
the credentials.  However you also want PAM to run as root for most of
its activity; I am not quite sure that the requirements of having PAM
run as root and having the credentials written out after setuid() can
both be satisfied.

So, you may have to have a different code path on OSX than on other
PAM-using operating systems.

More information about the krbdev mailing list