Date: Wed, 26 Jun 2002 11:43:45 -0700
From: William Carrel <william.carrel@infospace.com>
To: Jan Lentfer <Jan.Lentfer@web.de>, FreeBSD Security Mailling List <freebsd-security@FreeBSD.ORG>
Subject: Re: OpenSSH Security (just a question, please no f-war)
Message-ID: <B93F5971.12FF3%william.carrel@infospace.com>
In-Reply-To: <1025116241.2817.2.camel@jan-linux.lan>

On 6/26/02 11:30 AM, "Jan Lentfer" <Jan.Lentfer@web.de> wrote:
> Ok all,
>
> I somewhat gave up to follow the OpenSSH conversation on the list. I
> have ONE question:
>
> I am now running 3.3p1 on all my boxes (FreeBSD & Linux) with Privilege
> Separation enabled. Is this configuration secure for now or not?
> Do I have to update to 3.4 as soon as it is in ports or can I take a few
> days until everything has settled and calmed a little?

If and only if you have ChallengeResponseAuthentication set to "yes" then
you are vulnerable to a hole that will allow malicious code to be executed
as the privsep user ("sshd") in the /var/empty chroot(). This could lead to
further compromise of your system (even inside the chroot as a
relatively unprivileged user).
--
William Carrel | Sr. Systems Engineer | william.carrel@infospace.com
InfoSpace INC 601 108th Ave NE | Suite 1200 | Bellevue, WA 98004
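
Added example, not part of the original message: a shell check for the condition the reply names, reporting the effective ChallengeResponseAuthentication value of an sshd_config file. The function names are hypothetical; the parsing assumes that keywords are case-insensitive, that the first occurrence of a keyword wins, and that an absent or commented-out directive means sshd's default of "yes".

```shell
#!/bin/sh
# Added example: effective ChallengeResponseAuthentication setting.
# effective_cra and check_sshd_config are hypothetical helper names.

effective_cra() {
    # $1 = path to an sshd_config file; prints the effective value.
    awk '
        {
            line = $0
            sub(/^[ \t]+/, "", line)              # drop leading whitespace
            if (line == "" || line ~ /^#/) next   # blank or comment line
            n = match(line, /[ \t=]/)             # keyword ends at space or "="
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1)) # keywords are case-insensitive
            val = substr(line, n)
            gsub(/^[ \t=]+|[ \t]+$/, "", val)     # trim separator and trailing space
            gsub(/"/, "", val)                    # allow a quoted argument
            split(val, parts, /[ \t]+/)           # keep the first argument only
            if (key == "challengeresponseauthentication") {
                print parts[1]
                found = 1
                exit                              # first occurrence wins
            }
        }
        # Assumption: no active directive means the default, "yes".
        END { if (!found) print "yes" }
    ' "$1"
}

check_sshd_config() {
    # Returns 0 only when the setting is explicitly "no".
    case "$(effective_cra "$1")" in
        no) echo "OK: ChallengeResponseAuthentication is no in $1"
            return 0 ;;
        *)  echo "REVIEW: ChallengeResponseAuthentication is enabled in $1"
            return 1 ;;
    esac
}

# Run against a file only when one is given on the command line.
if [ "$#" -gt 0 ]; then
    check_sshd_config "$1"
fi
```

A plain grep for the keyword misses the two cases that matter most here: a commented-out "no" line, which leaves the default in force, and a later "yes" line that is ignored because an earlier "no" already applied.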
