Date:      Sat, 02 Sep 2000 23:36:13 +0100
From:      Brian Somers <brian@Awfulhak.org>
To:        Peter Wemm <peter@netplex.com.au>
Cc:        Brian Somers <brian@Awfulhak.org>, "Jacques A. Vidrine" <n@nectar.com>, Neil Blakey-Milner <nbm@mithrandr.moria.org>, Poul-Henning Kamp <phk@critter.freebsd.dk>, Dan Nelson <dnelson@emsphone.com>, sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG, brian@Awfulhak.org
Subject:   Re: setuid ssh should die 
Message-ID:  <200009022236.e82MaD775707@hak.lan.Awfulhak.org>
In-Reply-To: Message from Peter Wemm <peter@netplex.com.au>  of "Sat, 02 Sep 2000 15:22:28 PDT." <200009022222.e82MMSG33103@netplex.com.au> 

> Brian Somers wrote:
> > > On Sat, Sep 02, 2000 at 10:32:44PM +0200, Neil Blakey-Milner wrote:
> > > > On Sat 2000-09-02 (22:24), Poul-Henning Kamp wrote:
> > > > > Uhm, how about a ssh_config variable where you tell it to drop
> > > > > the setuid bit right away, wouldn't that work ?
> > > > 
> > > > I'd prefer to leave it off.  It means one less file to assure myself is
> > > > safe, if I were thinking with my paranoid security hat on.
> > > 
> > > In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH
> > > and such, breaking SOCKS.  ssh is the type of application one would
> > > expect to use with SOCKS, so I'd prefer not having the gratuitous setuid
> > > bit set.
> > 
> > What do people reckon then (-arch cc'd) ?  I'll add
> > 
> > #ENABLE_SUIDSSH=	true
> > 
> > to etc/defaults/make.conf then mention it in ssh_config and make the 
> > adjustment to the ssh build so that it defaults to *not* being suid.
> 
> Actually.. here's a thought..  we presently install ssh and hard link it
> to slogin.  Perhaps we could install it twice instead (it's 148K or so)
> and leave setuid *off* ssh and *on* for slogin.
> 
> And make a make.conf hook about whether or not to install slogin.

But slogin doesn't need to be suid either - not for any reason I know 
of anyway.

> Cheers,
> -Peter
> --
> Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au
> "All of this is for nothing if we don't go to the stars" - JMS/B5

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                    <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
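The thread turns on two facts about the installed binaries: whether ssh carries the setuid bit at all, and whether ssh and slogin are a single hard-linked file (in which case they cannot carry different mode bits, which is why Peter's proposal needs two copies). The shell helper below is an added example for checking both; it is not code from the thread or from the FreeBSD tree. The function names, the /usr/bin default directory and the sample files used to exercise it are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the thread or the FreeBSD tree): audit whether the
# installed ssh and slogin are setuid and whether they share one inode.
# Function names and the /usr/bin default are assumptions for illustration.

# is_setuid PATH -> succeeds if PATH has the setuid bit (04000) set.
# find -perm -MODE matches when at least those bits are set; -prune stops
# find from descending if PATH happens to be a directory.
is_setuid() {
    [ -n "$(find "$1" -prune -perm -4000 2>/dev/null)" ]
}

# same_file A B -> succeeds if A and B resolve to the same device and inode,
# i.e. they are hard links (or symlinks) to one file.  test -ef is an
# extension to POSIX sh, but bash, dash, ksh and FreeBSD's sh all provide it.
same_file() {
    [ "$1" -ef "$2" ]
}

# clear_setuid PATH -> drop the setuid bit, leaving the other mode bits alone.
# On a hard-linked pair this changes *both* names, because the mode lives in
# the inode; that is why two installed copies are needed for them to differ.
clear_setuid() {
    chmod u-s "$1"
}

# ssh_suid_report [BINDIR] -> one summary line, for example:
#   ssh: setuid=no  slogin: setuid=yes  same_file=no
# Exit status 2 if either binary is missing from BINDIR (default /usr/bin).
ssh_suid_report() {
    dir=${1:-/usr/bin}
    ssh="$dir/ssh"
    slogin="$dir/slogin"
    for f in "$ssh" "$slogin"; do
        if [ ! -e "$f" ]; then
            echo "missing: $f" >&2
            return 2
        fi
    done
    s_ssh=no; s_slogin=no; same=no
    is_setuid "$ssh"           && s_ssh=yes
    is_setuid "$slogin"        && s_slogin=yes
    same_file "$ssh" "$slogin" && same=yes
    echo "ssh: setuid=$s_ssh  slogin: setuid=$s_slogin  same_file=$same"
}
```

Run `ssh_suid_report /usr/bin` against the base-system binaries (or `ssh_suid_report /usr/local/bin` for a ports install). If the report shows same_file=yes, clearing the bit on one name clears it on the other as well, so a setuid slogin alongside a non-setuid ssh requires two separate files.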
