Date: Mon, 6 Jan 2003 23:41:32 +0100 From: Christoph Moench-Tegeder <cmt@rz.uni-karlsruhe.de> To: freebsd-security@FreeBSD.ORG Subject: Re: Fwd: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS Message-ID: <20030106224131.GB21393@rz-ewok.rz.uni-karlsruhe.de> In-Reply-To: <200301062139.h06Ld1Ka011779@aristotle.tamu.edu> References: <3E19F4B0.3090903@pantherdragon.org> <200301062139.h06Ld1Ka011779@aristotle.tamu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
## Robin Smith (rasmith@aristotle.tamu.edu): > Whatever the credibility of this advisory, it seems the issue is handled > just by turning on privilege separation. If there was an exploit, an attacker shouldn't get root on your box but user sshd chroot()ed to /var/empty. This lessens the impact of bugs, but they don't vanish this way. > (2) Can anyone tell me any reason not to turn it on (apart from a few > additional entries in the process table)? It's off in the default FreeBSD > 4.7 config. It's on. OpenSSH >=3.4 hast priviledge seperation on by default and can be configured to the old behaviour by setting "UsePrivilegeSeparation no" (which is commented out in FreeBSD's config. Regards, cmt -- Spare Space To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030106224131.GB21393>