Add support for AuthorizedKeysCommand and AuthorizedPrincipalsCommand…

… to run as System (#479)
PowerShell · Mar 27, 2021 · 6e76ad9 · 6e76ad9
1 parent 9a60244
commit 6e76ad9
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 5 deletions.
diff --git a/auth.c b/auth.c
@@ -77,6 +77,10 @@
 #include "compat.h"
 #include "channels.h"
 #include "sshfileperm.h"
+#ifdef WINDOWS
+#include <Windows.h>
+#include "misc_internal.h"
+#endif // WINDOWS
 
 /* import */
 extern ServerOptions options;
@@ -958,8 +962,21 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
 		if (posix_spawn_file_actions_init(&actions) != 0 ||
 			posix_spawn_file_actions_adddup2(&actions, p[1], STDOUT_FILENO) != 0)
 			fatal("posix_spawn initialization failed");
-		else if (__posix_spawn_asuser((pid_t*)&pid, av[0], &actions, NULL, av, NULL, pw->pw_name) != 0)
-			fatal("posix_spawn: %s", strerror(errno));
+		else {
+			/* If the user's SID is the System SID and sshd is running as system,
+			 * launch as a child process.
+			 */
+			if (IsWellKnownSid(get_sid(pw->pw_name), WinLocalSystemSid) && am_system()) {
+				debug("starting subprocess using posix_spawnp");
+				if (posix_spawnp((pid_t*)&pid, av[0], &actions, NULL, av, NULL) != 0)
+					fatal("posix_spawnp: %s", strerror(errno));
+			}
+			else {
+				debug("starting subprocess as user using __posix_spawn_asuser");
+				if (__posix_spawn_asuser((pid_t*)&pid, av[0], &actions, NULL, av, NULL, pw->pw_name) != 0)
+					fatal("posix_spawn_user: %s", strerror(errno));
+			}
+		}
 
 		posix_spawn_file_actions_destroy(&actions);
 	}

diff --git a/contrib/win32/win32compat/w32fd.c b/contrib/win32/win32compat/w32fd.c
@@ -1074,11 +1074,14 @@ spawn_child_internal(const char* cmd, char *const argv[], HANDLE in, HANDLE out,
 
 	wchar_t * t = cmdline_utf16;
 	do {
-		debug3("spawning %ls", t);
-		if (as_user)
+		if (as_user) {
+			debug3("spawning %ls as user", t);
 			b = CreateProcessAsUserW(as_user, NULL, t, NULL, NULL, TRUE, flags, NULL, NULL, &si, &pi);
-		else
+		}
+		else {
+			debug3("spawning %ls as subprocess", t);
 			b = CreateProcessW(NULL, t, NULL, NULL, TRUE, flags, NULL, NULL, &si, &pi);
+		}
 		if(b || GetLastError() != ERROR_FILE_NOT_FOUND || (argv != NULL && *argv != NULL) || cmd[0] == '\"')
 			break;
 		t++;