Date: Sat, 2 Sep 2000 16:48:19 -0500 From: "Jacques A. Vidrine" <n@nectar.com> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: Neil Blakey-Milner <nbm@mithrandr.moria.org>, Dan Nelson <dnelson@emsphone.com>, sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902164819.B1497@hamlet.nectar.com> In-Reply-To: <Pine.NEB.3.96L.1000902174123.60028C-100000@fledge.watson.org>; from rwatson@FreeBSD.ORG on Sat, Sep 02, 2000 at 05:45:14PM -0400 References: <20000902155701.C1263@hamlet.nectar.com> <Pine.NEB.3.96L.1000902174123.60028C-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 02, 2000 at 05:45:14PM -0400, Robert Watson wrote:
> > @@ -546,6 +546,10 @@
> > }
> > /* Disable rhosts authentication if not running as root. */
> > if (original_effective_uid != 0 || !options.use_privileged_port) {
> > + if (options.rhosts_authentication ||
> > + options.rhosts_rsa_authentication)
> > + log("Warning: rhosts disabled - "
> > + "insufficient privileges");
> > options.rhosts_authentication = 0;
> > options.rhosts_rsa_authentication = 0;
> > }
>
> That sucks. Don't do that. :-)
I didn't. That is a patch for OpenSSH's ssh.c, just adding a warning.
--
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000902164819.B1497>