Date: Wed, 17 Sep 2003 15:55:51 -0400 From: Chuck Swiger <cswiger@mac.com> Cc: security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh Message-ID: <3F68BC47.5010002@mac.com> In-Reply-To: <200309171936.h8HJa2K5012289@apollo.backplane.com> References: <200309161817.h8GIH1GL072348@freefall.freebsd.org> <5.0.2.1.1.20030916225106.02e09dc0@popserver.sfu.ca> <1063807011.15698.3.camel@gentoo1.enic.cc> <20030917140107.GD91843@madman.celabo.org> <16232.43602.97364.411009@cnr.cs.columbia.edu> <20030917184232.GE6137@madman.celabo.org> <3F68B4EF.9050507@mac.com> <200309171936.h8HJa2K5012289@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Dillon wrote: [ ... ] > :This can be dangerous if you are ssh'ed in, and the restart kills your > :connection rather than the daemon. > > All the restart target does is basically kill the pid using the pid file > and then restart the daemon, so it is no more dangerous then the below. It's good that the FreeBSD script does not use 'killall' (for instance), but not every SysV sshd script is as sensible. Of course, if you argued that a NG sshd RC script might involve dependencies which affected other processes, you'd have a point. :-) -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F68BC47.5010002>