From owner-freebsd-security Mon Jun 24 15:22:39 2002 Delivered-To: freebsd-security@freebsd.org Received: from bluenugget.net (bluenugget.net [64.32.175.43]) by hub.freebsd.org (Postfix) with ESMTP id 72B2E37B403 for ; Mon, 24 Jun 2002 15:22:30 -0700 (PDT) Received: from [192.168.4.154] (sf-gw.epylon.com [63.93.9.98]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by bluenugget.net (Postfix) with ESMTP id 6FF2A1360C; Mon, 24 Jun 2002 15:23:54 -0700 (PDT) Date: Mon, 24 Jun 2002 15:22:26 -0700 From: Jason DiCioccio Reply-To: Jason DiCioccio To: Matt Piechota Cc: freebsd-security@FreeBSD.ORG Subject: Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd) Message-ID: <2147483647.1024932146@[192.168.4.154]> In-Reply-To: <20020624181545.C550-100000@cithaeron.argolis.org> References: <20020624181545.C550-100000@cithaeron.argolis.org> X-Mailer: Mulberry/3.0.0a2 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --On Monday, June 24, 2002 6:18 PM -0400 Matt Piechota wrote: > Does this reset OpenBSD's 4-years without a root hole? :) Probably not.. From what I've seen, that goes based on the latest release, and I *think* the latest release of openbsd has privsep enabled by default. Then again, isn't apache enabled by default on openbsd? Or just installed by default? -- Jason DiCioccio - jd@bluenugget.net - Useless .sig Open Domain Service - geniusj@ods.org - http://www.ods.org/ Ruby - jd@ruby-lang.org - http://www.ruby-lang.org/ PGP Fingerprint - C442 04E2 26B0 3809 8357 96AB D350 9596 0436 7C08 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message