Re: Backport of the integer overflow in the brk system call

To: debian-devel@lists.debian.org
Subject: Re: Backport of the integer overflow in the brk system call
From: Colin Watson <cjwatson@debian.org>
Date: Tue, 9 Dec 2003 03:07:00 +0000
Message-id: <[🔎] 20031209030700.GA9094@riva.ucam.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 200312081328.20636.russell@coker.com.au>
References: <[🔎] 20031204192354.GP582@dijkstra.csh.rit.edu> <[🔎] 20031204195526.GB1456@comcast.net> <[🔎] 20031208021658.GA2247@kermit.flying-gecko.net> <[🔎] 200312081328.20636.russell@coker.com.au>

On Mon, Dec 08, 2003 at 01:28:20PM +1100, Russell Coker wrote:
> Another problem is that host keys require SUID ssh client in the
> default configuration.

This hasn't been true since OpenSSH 3.3, and therefore since before
woody. See ssh-keysign(8).

openssh (1:3.3p1-0.0woody1) testing-security; urgency=high

  [...]
  * Support setuid ssh-keysign binary instead of setuid ssh client.
  [...]

 -- Daniel Jacobowitz <dan@debian.org>  Mon, 24 Jun 2002 13:43:44 -0400

Cheers,

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

References:
- Re: Backport of the integer overflow in the brk system call
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Backport of the integer overflow in the brk system call
  - From: Tom <tb.31123.nospam@comcast.net>
- Re: Backport of the integer overflow in the brk system call
  - From: Patrick Ouellette <pouelle@debian.org>
- Re: Backport of the integer overflow in the brk system call
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Bug#223403: ITP: giftui -- Graphical user interface to giFT
Next by Date: Re: Accounts on debian.org machines
Previous by thread: Re: Backport of the integer overflow in the brk system call
Next by thread: Re: Backport of the integer overflow in the brk system call
Index(es):
- Date
- Thread