Re: DSA-134-1

To: debian-security@lists.debian.org
Subject: Re: DSA-134-1
From: Greg Hunt <greg@supplyedge.com>
Date: Tue, 25 Jun 2002 15:13:56 -0700
Message-id: <[🔎] 20020625151356.A19232@gregh>
In-reply-to: <[🔎] 3D18E775.3040409@teilo.net>; from teilo@teilo.net on Tue, Jun 25, 2002 at 11:58:13PM +0200
References: <[🔎] 814053EA-87C9-11D6-AC16-00039355CFA6@suespammers.org> <[🔎] 20020624232846.GH28956@wiggy.net> <[🔎] 87r8ivfs1o.fsf@CERT.Uni-Stuttgart.DE> <[🔎] 3D186BC9.545DC569@dreibrodt.de> <[🔎] 20020625193630.GB13179@fishbowl.madduck.net> <[🔎] 20020625141532.A18809@gregh> <[🔎] 3D18E775.3040409@teilo.net>

Yes it's still not a good thing for sometime to have a shell with no priv's but someone asked "better how?", I'm pretty sure if most admins had a choice between an attacker having root access or an attacker having a chrooted shell with no privs they would choose the latter. Seeing as how there isn't a patch yet for the bug, it's this or nothing. 
-Greg

> >Theo de Raadt said in a post to Bugtraq the exploit won't work on sshd with privilege seperation enabled, however even if it did work it'd be better to have an attacker get a chrooted shell with no privs instead of root access to the entire system. 
> >
> In which case you just need a local exploit to go with your remote exploit.
> 
> makes it harder but not impossible.
> 

-- 
------SupplyEdge-------
Greg Hunt
800-733-3380 x 107
greg@supplyedge.com


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- DSA-134-1
  - From: Anthony DeRobertis <asd@suespammers.org>
- Re: DSA-134-1
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: DSA-134-1
  - From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
- Re: DSA-134-1
  - From: Ralf Dreibrodt <ralf@dreibrodt.de>
- Re: DSA-134-1
  - From: martin f krafft <madduck@debian.org>
- Re: DSA-134-1
  - From: Greg Hunt <greg@supplyedge.com>
- Re: DSA-134-1
  - From: James Nord <teilo@teilo.net>

Prev by Date: Re: DSA-134-1
Next by Date: Re: DSA-134-1
Previous by thread: Re: DSA-134-1
Next by thread: Re: DSA-134-1
Index(es):
- Date
- Thread