From owner-freebsd-security Mon Jun 24 18:45:59 2002 Delivered-To: freebsd-security@freebsd.org Received: from cvs.openbsd.org (cvs.openbsd.org [199.185.137.3]) by hub.freebsd.org (Postfix) with ESMTP id C64A037B401; Mon, 24 Jun 2002 18:45:54 -0700 (PDT) Received: from cvs.openbsd.org (deraadt@localhost [127.0.0.1]) by cvs.openbsd.org (8.12.4/8.12.1) with ESMTP id g5P1kXLI030924; Mon, 24 Jun 2002 19:46:33 -0600 (MDT) Message-Id: <200206250146.g5P1kXLI030924@cvs.openbsd.org> To: Darren Reed Cc: nectar@FreeBSD.ORG (Jacques A. Vidrine), freebsd-security@FreeBSD.ORG Subject: Re: Hogwash In-reply-to: Your message of "Tue, 25 Jun 2002 11:40:15 +1000." <200206250140.LAA26616@caligula.anu.edu.au> Date: Mon, 24 Jun 2002 19:46:33 -0600 From: Theo de Raadt Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > What I like least about this new bug is that the workaround is to use > a new feature called "Priviledge Separation". Maybe it wouldn't have > mattered what the "next new bug" was, this would just have been one > defence. The timing is quite ironic. Yes, and you know all about ironic timing > The paranoia in me is screaming to resist and I can't help but ponder, > does enabling priviledge separation disable the exploit or does it just > limit it to the userid sshd runs as in this mode ? Darren, resist enabling privsep. I cannot find strong enough enough words in urging you. > Can an attacker still get a remote shell (just not root) if priviledge > separation is enabled ? Duh. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message