Comment by acdha

13 days ago

Yes, but that has to happen somewhere. OpenSSH already uses privilege separation to limit the scope of the code which requests that the kernel set the user for the process for the session. Can you say where precisely you think that should happen instead? If you’re saying it should delegate to login(1), it would be useful to discuss in detail what you see OpenSSH doing which is weaker, because otherwise that seems like it’s just recreating chances for this CVE without meaningfully improving a hardened implementation.