Date: Tue, 25 Jun 2002 08:50:44 -0700 (PDT) From: Brian Behlendorf <brian@hyperreal.org> To: Niels Provos <provos@citi.umich.edu> Cc: security@freebsd.org Subject: Re: UseLogin and openssh-portable priv separation Message-ID: <20020625084414.K310-100000@yez.hyperreal.org> In-Reply-To: <20020625105312.GH15772@citi.citi.umich.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 25 Jun 2002, Niels Provos wrote: > If you do UseLogin, that means that you will loose privilege > separation after authentication. The Pre-authentication phase is > still privilege separated even with UseLogin enabled. Right, I got that from the man page, but was still slightly unclear: does using UseLogin remove the security that prevents the to-be-released exploit from being exploitable? Sounds like it does not remove that security, *unless* the attack came from someone who successfully authenticated, who could then get root? Brian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020625084414.K310-100000>