Date: Mon, 06 Jan 2003 15:39:01 -0600 From: Robin Smith <rasmith@aristotle.tamu.edu> To: freebsd-security@FreeBSD.ORG Subject: Re: Fwd: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS Message-ID: <200301062139.h06Ld1Ka011779@aristotle.tamu.edu> In-Reply-To: Message from Darren Pilgrim <dmp@pantherdragon.org> of "Mon, 06 Jan 2003 13:27:12 PST." <3E19F4B0.3090903@pantherdragon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Darren" == Darren Pilgrim <dmp@pantherdragon.org> writes:
Darren> Mike Tancsa wrote:
>> FYI, for those not on bugtraq.
Darren> The "advisory" is suspect.
Whatever the credibility of this advisory, it seems the issue is handled
just by turning on privilege separation.
(1) Is that right?
(2) Can anyone tell me any reason not to turn it on (apart from a few
additional entries in the process table)? It's off in the default FreeBSD
4.7 config.
Robin Smith
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301062139.h06Ld1Ka011779>