From: Darren Reed
Message-Id: <200206250242.MAA08539@caligula.anu.edu.au>
Subject: Re: Hogwash
To: deraadt@cvs.openbsd.org (Theo de Raadt)
Date: Tue, 25 Jun 2002 12:42:28 +1000 (Australia/ACT)
Cc: nectar@FreeBSD.ORG (Jacques A. Vidrine), freebsd-security@FreeBSD.ORG
In-Reply-To: <200206250146.g5P1kXLI030924@cvs.openbsd.org> from "Theo de Raadt" at Jun 24, 2002 07:46:33 PM

In some mail from Theo de Raadt, sie said:
>
> > What I like least about this new bug is that the workaround is to use
> > a new feature called "Privilege Separation". Maybe it wouldn't have
> > mattered what the "next new bug" was, this would just have been one
> > defence. The timing is quite ironic.
>
> Yes, and you know all about ironic timing
>
> > The paranoia in me is screaming to resist and I can't help but ponder,
> > does enabling privilege separation disable the exploit or does it just
> > limit it to the userid sshd runs as in this mode ?
>
> Darren, resist enabling privsep. I cannot find strong enough
> words in urging you.
>
> > Can an attacker still get a remote shell (just not root) if privilege
> > separation is enabled ?
>
> Duh.

If that's the case then I think I'll just turn off openssh(d) until I can
secure it properly, when the patch is released.

I'd like to recommend others do the same but that'll depend on your
networks and whether they can live without that sort of remote access
for a week or so.

Darren