Re: OpenSSH uploaded replacing ssh, please test

To: debian-devel@lists.debian.org
Subject: Re: OpenSSH uploaded replacing ssh, please test
From: Tommi Virtanen <tv@debian.org>
Date: Fri, 5 Nov 1999 00:00:53 +0200
Message-id: <19991105000053.A20053@hq.yok.utu.fi>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <19991104121048.B6967@brown.edu>; from Daniel_Burrows@brown.edu on Thu, Nov 04, 1999 at 12:10:49PM -0500
References: <87g0yob6u3.fsf@sheikh.hands.com> <19991104124010.A31741@hq.yok.utu.fi> <19991104151403.A2698@hq.yok.utu.fi> <87puxqmexs.fsf@sheikh.hands.com> <19991104183652.A11827@hq.yok.utu.fi> <19991104121048.B6967@brown.edu>

On Thu, Nov 04, 1999 at 12:10:49PM -0500, Daniel Burrows wrote:
> On Thu, Nov 04, 1999 at 06:36:53PM +0200, Tommi Virtanen was heard to say:
> >         I am no X expert, but I don't think there's more to do
> >         than that. Unless you want to lock the pages into memory
> >         etc..
>   Actually, I was about to ask whether it's possible to do this (lock memory)
> without making it suid ;-)
> 
>   This would probably be a Good Idea..although if the standard askpass doesn't
> do it leaving it out for now is probably ok (since you won't be any less secure
> at any rate..)

	I believe that would need suid access, which is very
        inappropriate for Perl/Tk. Quoting gpg(1):

--8<--
BUGS
       On many  systems  this  program  should  be  installed  as
       setuid(root).  This  is  necessary  to  lock memory pages.
       Locking memory pages prevents the  operating  system  from
       writing  memory  pages to disk. If you get no warning mes
       sage about insecure memory your operating system  supports
       locking  without being root. The program drops root privi
       leges as soon as locked memory is allocated.
--8<--

-- 
Havoc Consulting | unix, linux, perl, mail, www, internet, security consulting
+358 50 5486010  | software development, unix administration, training

Reply to:

Follow-Ups:
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Jules Bean <jmlb2@hermes.cam.ac.uk>

References:
- OpenSSH uploaded replacing ssh, please test
  - From: Philip Hands <phil@hands.com>
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Tommi Virtanen <tv@debian.org>
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Tommi Virtanen <tv@debian.org>
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Philip Hands <phil@hands.com>
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Tommi Virtanen <tv@debian.org>
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Daniel Burrows <Daniel_Burrows@brown.edu>

Prev by Date: Re: Status in Incoming (Re: Status of Potato)
Next by Date: Re: proftpd
Previous by thread: Re: OpenSSH uploaded replacing ssh, please test
Next by thread: Re: OpenSSH uploaded replacing ssh, please test
Index(es):
- Date
- Thread