Re: Backport of the integer overflow in the brk system call
On Mon, Dec 08, 2003 at 01:28:20PM +1100, Russell Coker wrote:
> Another problem is that host keys require SUID ssh client in the
> default configuration.
This hasn't been true since OpenSSH 3.3, and therefore since before
woody. See ssh-keysign(8).
openssh (1:3.3p1-0.0woody1) testing-security; urgency=high
[...]
* Support setuid ssh-keysign binary instead of setuid ssh client.
[...]
-- Daniel Jacobowitz <dan@debian.org> Mon, 24 Jun 2002 13:43:44 -0400
Cheers,
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: