From owner-freebsd-security  Sat Feb  3 22:13:54 2001
Delivered-To: freebsd-security@freebsd.org
Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2E21B37B401; Sat,  3 Feb 2001 22:13:37 -0800 (PST)
Received: from gorean.org (master [10.0.0.2])
	by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id WAA73471;
	Sat, 3 Feb 2001 22:13:35 -0800 (PST)
	(envelope-from DougB@gorean.org)
Message-ID: <3A7CF30F.249FD032@gorean.org>
Date: Sat, 03 Feb 2001 22:13:35 -0800
From: Doug Barton <DougB@gorean.org>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.76 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Ade Lovett <ade@FreeBSD.org>
Cc: Rasputin <rasputin@FreeBSD-uk.eu.org>,
	freebsd-security@FreeBSD.org, imp@village.org
Subject: Re: OpenSSH b0rked (was RE: Problems with IPFW patch)
References: <NDBBJJFIKLHBJCFDIOKGEEKHCAAA.kupek@earthlink.net> <FDEEKLDJMPFBCBKOEEINCEIGCKAA.scott@link-net.com> <20010124230626.A49802@citusc17.usc.edu> <20010125103255.A78404@FreeBSD.org> <200101262153.f0QLrLL40016@earth.backplane.com> <20010129095752.A37233@dogma.freebsd-uk.eu.org> <20010129101411.A16899@FreeBSD.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Ade Lovett wrote:
> 
> On Mon, Jan 29, 2001 at 09:57:53AM +0000, Rasputin wrote:
> > In general I'd agree with Matt and aDe, but if a directive
> > affecting security has changed, I'd say it's better to be notified of it
> > as soon as possible.
> > Killing off sshd obviously makes remote admin a real problem, though;
> > is there another way to guarantee we'd notice ?
> 
> Well, something in /usr/src/UPDATING might have helped.
> Believe it or not, I do read it.  Nothing there.
> 
> Update -stable box, run mergemaster, ignore anything to do with
> ssh_config or sshd_config since ours are fairly heavily different,
> reboot, no sshd.

	This, BTW, is one of the reasons I'm so fascist about mm displaying
diffs when files are actually different. Every once in a while, things
like this happen. Whether they _should_ happen or not is a whole
different question.

Doug


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message