Comment by charcircuit
15 days ago
There are many ways from passkeys to SAML. Though for complex methods we may want a dedicated services outside the kernel.
15 days ago
There are many ways from passkeys to SAML. Though for complex methods we may want a dedicated services outside the kernel.
How does that service get launched with the privilege to switch to any user?
The kernel can start a process with any user it wants. The user doesn't have to switch during the process's life.
Yes, but that has to happen somewhere. OpenSSH already uses privilege separation to limit the scope of the code which requests the kernel set the user for the process for the session. Can you say where precisely you think that should happen instead? If you’re saying it should delegate to login(1) it would be useful to discuss in detail what you see OpenSSH doing which is weaker because otherwise that seems like it’s just recreating chances for this CVE without meaningfully improving a hardened implementation.