Date: Sat, 2 Sep 2000 22:14:24 +0200 From: Neil Blakey-Milner <nbm@mithrandr.moria.org> To: "Jacques A. Vidrine" <n@nectar.com> Cc: Dan Nelson <dnelson@emsphone.com>, sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902221424.A39558@mithrandr.moria.org> In-Reply-To: <20000902150221.A1263@hamlet.nectar.com>; from n@nectar.com on Sat, Sep 02, 2000 at 03:02:21PM -0500 References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> <20000902150221.A1263@hamlet.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat 2000-09-02 (15:02), Jacques A. Vidrine wrote: > On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote: > > Rather, it's so it can read the host key, which is only readable by > > root. > > We're talking about ssh, not sshd. So was he. He is talking RhostsRSAAuthentication. I think we needn't worry about it, and we should default to non-suid, with a comment in the configuration stating that RhostsRSAAuthentication requires suid-root on the ssh binary on the client side. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000902221424.A39558>