Date: Wed, 26 Jun 2002 12:51:15 -0600 From: Brett Glass <brett@lariat.org> To: Jan Lentfer <Jan.Lentfer@web.de>, FreeBSD Security Mailling List <freebsd-security@FreeBSD.ORG> Cc: markus@openssh.com Subject: Re: OpenSSH Security (just a question, please no f-war) Message-ID: <4.3.2.7.2.20020626124251.02213460@localhost> In-Reply-To: <1025116241.2817.2.camel@jan-linux.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:30 PM 6/26/2002, Jan Lentfer wrote: >I am now running 3.3p1 on all my boxes (FreeBSD & Linux) with Privilige >Separation enabled. Is this configuration secure for now or not? It's not clear. The OpenSSH team claims that when the fixed the bug discovered by ISS they also fixed other vulnerabilities which ISS did NOT discover. If any of these are in 3.3p1, we may be vulnerable. Markus would, of course, be the authority on this issue; maybe he'd care to comment? --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20020626124251.02213460>