
Re: Root login in graphical environment



On 01 Aug 2002 00:37:30 +0800
"Crispin Wellington" <crispin@aeonline.net> wrote:

> On Wed, 2002-07-31 at 23:56, Jamin W.Collins wrote:
> 
> > Sure the process is running as root, but take a look at your man page.
> > 
> > From the man page:
> > 
> >      UsePrivilegeSeparation
> 
> What's this got to do with PermitRootLogin?

Nothing, PermitRootLogin was not your original point.  Thus, it was not
what I responded to.  Your original point was/is what you state below,
which has little to nothing to do with PermitRootLogin.

> My original statement was
> "Any compromise of ssh will give the user root anyway because it runs at
> user level root". UsePrivilegeSeparation doesn't magically stop this
> from happening.

With UsePrivilegeSeparation in effect, "any compromise of ssh" will not
necessarily give root access as you claim.  When Privilege Separation is
enabled, initial communication and authentication with the client is run
as an unprivileged user account.  Thus an exploit at this point will only
provide access that account has.  Additionally, after authentication
occurs the process is switched to the level of the authenticated user.
Thus, an exploit at this point will only provide access that account has.
Does this magically eliminate the problem? No.  But it does help stop it
from happening; that is, after all, its point.

> It only "mitigate[s] the risks of any future OpenSSH
> compromise".

Which is exactly what you are claiming it doesn't do.

> Also "Unfortunately, the advisory was incorrect on some
> points, leading to widespread confusion about the impact of this
> vulnerability". http://www.debian.org/security/2002/dsa-134

The advisory was as correct as possible provided the information available
at the time.

> Don't see any PermitRootLogin no

Again not the point that was being contested.


> > If you're asking whether or not the default sshd_config settings can
> > allow for a system being compromised, IMHO most certainly.
> 
> better apt-get remove ssh then. And just to be safe... kill `ps
> auxwww|grep root|awk '{print $2}'`.

Nah, eliminate absolutely any form of allowed authentication short of key
pairs.  Passwords, keyboard interactive, and most certainly direct root
access should all be removed.

-- 
Jamin W. Collins
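
An added example, not part of the original message: a Python check of sshd_config text against the key-only policy recommended above. The policy table, the assumed defaults and the sample configurations are constructed for illustration; the check relies on sshd using the first value it reads for a keyword, so a later "no" does not override an earlier "yes".

```python
# Added example: audit sshd_config text against a key-only login policy.
# Policy and defaults are assumptions for illustration; samples are constructed.

# Keyword (lower-cased) -> value the policy requires.
POLICY = {
    "passwordauthentication": "no",
    "challengeresponseauthentication": "no",  # keyboard-interactive
    "permitrootlogin": "no",
    "pubkeyauthentication": "yes",
    "useprivilegeseparation": "yes",
}
# Assumed value when the keyword is absent from the file.
DEFAULTS = {
    "passwordauthentication": "yes",
    "challengeresponseauthentication": "yes",
    "permitrootlogin": "yes",
    "pubkeyauthentication": "yes",
    "useprivilegeseparation": "yes",
}

def effective_settings(config_text):
    """Global value per policy keyword; the first occurrence wins, as in sshd."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0]              # drop comments
        parts = line.replace("=", " ", 1).split()
        if not parts:
            continue
        keyword = parts[0].lower()               # keywords are case-insensitive
        if keyword == "match":                   # conditional blocks are not global
            break
        if keyword in POLICY and keyword not in seen and len(parts) > 1:
            seen[keyword] = parts[1].lower()
    return {k: seen.get(k, DEFAULTS[k]) for k in POLICY}

def audit(config_text):
    """Return the sorted keywords whose effective value violates POLICY."""
    effective = effective_settings(config_text)
    return sorted(k for k, want in POLICY.items() if effective[k] != want)

# Constructed samples.
WEAK = "PermitRootLogin yes\nPasswordAuthentication yes\n"
HARDENED = ("PermitRootLogin no\nPasswordAuthentication no\n"
            "ChallengeResponseAuthentication no\nPubkeyAuthentication yes\n")
SHADOWED = "passwordauthentication yes\n" + HARDENED  # later 'no' is ignored

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED), ("shadowed", SHADOWED)):
        print(name, audit(cfg) or "ok")
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative source. OpenSSH 7.5 and later deprecate the UsePrivilegeSeparation keyword because privilege separation is always on.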


