From owner-freebsd-arch Sat Sep 2 15:23:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id DC57837B43C for ; Sat, 2 Sep 2000 15:23:07 -0700 (PDT) Received: from billy-club.village.org (billy-club.village.org [10.0.0.3]) by rover.village.org (8.9.3/8.9.3) with ESMTP id QAA15209; Sat, 2 Sep 2000 16:23:06 -0600 (MDT) (envelope-from imp@billy-club.village.org) Received: from billy-club.village.org (localhost [127.0.0.1]) by billy-club.village.org (8.11.0/8.8.3) with ESMTP id e82MMqG02383; Sat, 2 Sep 2000 16:22:52 -0600 (MDT) Message-Id: <200009022222.e82MMqG02383@billy-club.village.org> To: "Jacques A. Vidrine" Subject: Re: setuid ssh should die Cc: arch@FreeBSD.ORG In-reply-to: Your message of "Sat, 02 Sep 2000 16:01:56 CDT." <20000902160156.D1263@hamlet.nectar.com> References: <20000902160156.D1263@hamlet.nectar.com> <200009022015.e82KFN740808@hak.lan.Awfulhak.org> <41784.967926245@critter> <20000902223244.A39844@mithrandr.moria.org> Date: Sat, 02 Sep 2000 16:22:52 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20000902160156.D1263@hamlet.nectar.com> "Jacques A. Vidrine" writes: : In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH : and such, breaking SOCKS. ssh is the type of application one would : expect to use with SOCKS, so I'd prefer not having the gratuitous setuid : bit set. I just use my socks patches to the in-tree ssh. I thought I'd committed them a while ago, but it looks like I didn't. Put me down for "turn of setuid" bit. It is needed only for rsh compatibility (yes, in the client), but we shouldn't encourage that usage of ssh. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message