Date: Thu, 3 Jun 1999 11:17:46 -0700
From: Matthew Hunt
To: "David G. Andersen"
Cc: "Jan B. Koum", Bill Fumerola, Unknow User, freebsd-security@freebsd.org
Subject: Re: SSH2 (in FreeBSD-Questions)
Message-ID: <19990603111746.A60419@wopr.caltech.edu>

On Thu, Jun 03, 1999 at 12:12:13PM -0600, David G. Andersen wrote:

> It's SUID so it can obtain the local host private key, for
> authentication to the remote machine. This is necessary if you use
> ssh with .rhosts/.shosts functionality.
>
> If you don't care about this functionality, then you don't need it to
> be suid.

Maybe it would be good if we keep the current behavior as a default,
and add some sort of DISABLE_SUID option to the build?

Yan, I'm not sure I like the comment on your web page advising people
to avoid ports and packages. There's no reason to avoid the ports or
packages if you're willing to spend a little time looking at them, like
you have to with the source tarballs anyway, and by avoiding the ports
you may miss out on FreeBSD enhancements, as is the case with ssh2.
I would consider the login.conf patch to be security-related.

By all means, if you have security concerns about specific ports, you
should let us know!

Matt

-- 
Matthew Hunt * Stay close to the Vorlon.
http://www.pobox.com/~mph/ *