Date: Sat, 2 Sep 2000 16:01:56 -0500 From: "Jacques A. Vidrine" <n@nectar.com> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>, Brian Somers <brian@Awfulhak.org>, Dan Nelson <dnelson@emsphone.com>, sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die Message-ID: <20000902160156.D1263@hamlet.nectar.com> In-Reply-To: <20000902223244.A39844@mithrandr.moria.org>; from nbm@mithrandr.moria.org on Sat, Sep 02, 2000 at 10:32:44PM %2B0200 References: <200009022015.e82KFN740808@hak.lan.Awfulhak.org> <41784.967926245@critter> <20000902223244.A39844@mithrandr.moria.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 02, 2000 at 10:32:44PM +0200, Neil Blakey-Milner wrote: > On Sat 2000-09-02 (22:24), Poul-Henning Kamp wrote: > > Uhm, how about a ssh_config variable where you tell it to drop > > the setuid bit right away, wouldn't that work ? > > I'd prefer to leave it off. It means one less file to assure myself is > safe, if I were thinking with my paranoid security hat on. In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH and such, breaking SOCKS. ssh is the type of application one would expect to use with SOCKS, so I'd prefer not having the gratuitous setuid bit set. -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000902160156.D1263>