From owner-freebsd-security Wed Aug 2 22:57:46 2000 Delivered-To: freebsd-security@freebsd.org Received: from david.siemens.de (david.siemens.de [192.35.17.14]) by hub.freebsd.org (Postfix) with ESMTP id 0407137B6F1 for ; Wed, 2 Aug 2000 22:57:43 -0700 (PDT) (envelope-from andre.albsmeier@mchp.siemens.de) X-Envelope-Sender-Is: andre.albsmeier@mchp.siemens.de (at relayer david.siemens.de) Received: from mail1.siemens.de (mail1.siemens.de [139.23.33.14]) by david.siemens.de (8.10.1/8.10.1) with ESMTP id e735vV609681; Thu, 3 Aug 2000 07:57:31 +0200 (MET DST) Received: from curry.mchp.siemens.de (curry.mchp.siemens.de [139.25.42.7]) by mail1.siemens.de (8.10.1/8.10.1) with ESMTP id e735vU618227; Thu, 3 Aug 2000 07:57:30 +0200 (MET DST) Received: (from localhost) by curry.mchp.siemens.de (8.10.2/8.10.2) id e735vUa46280; Date: Thu, 3 Aug 2000 07:57:30 +0200 From: Andre Albsmeier To: Mark Murray Cc: Andre Albsmeier , freebsd-security@FreeBSD.ORG Subject: Re: What will I lose if ssh is no more suid root? Message-ID: <20000803075730.A2568@curry.mchp.siemens.de> References: <20000803074228.A1682@curry.mchp.siemens.de> <200008030554.HAA02280@grimreaper.grondar.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200008030554.HAA02280@grimreaper.grondar.za>; from mark@grondar.za on Thu, Aug 03, 2000 at 07:54:57AM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 03-Aug-2000 at 07:54:57 +0200, Mark Murray wrote: > > As the subject says: What functionality will I lose when ssh > > in 4.1-STABLE is not setuid root anymore? > > There are reasons, but I can't remember them offhand; perhaps > if you asked on the openssh mailing list? (at www.openssh.org). It might have to do with rhosts authentication (this one needs to come from a privileged port as the rcmds do it). But if this is the only reason then that's no problem for me... Thanks, -Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message