Created attachment 2497 [details] Patch disabling uid=0 resetting test on Solaris After the server process drops uid=0, a test is made to make sure uid=0 cannot be reclaimed. On Solaris, if a user is granted ALL privilege in a zone, this user can successfully call setuid(0) and setgid(0). In this case it is not due to a failure of dropping uid=0, sshd was started with. Uid restoration test fails and the user is not permitted to log in. This fix disables the check on Solaris. For non-privileged users the inability to reclaim uid=0 is implied from previous successful call to setresuid(). For user with ALL privilege in the zone the assertion in the test is not correct; the ability to restore uid=0 stems from additional privileges granted to the user. The fix is implemented by replacing appropriate occurrences of OS-based define HAVE_CYGWIN with functionality-based define NO_UID_RESTORATION_TEST and defining it for Solaris and Cygwin in configure.ac.
Created attachment 2498 [details] Patch disabling uid=0 resetting test on Solaris
resolved as a part of fine-grained privileges wad *** This bug has been marked as a duplicate of bug 2511 ***
Close all resolved bugs after 7.3p1 release