Re: DSA-134-1

To: Moritz Schulte <moritz@duesseldorf.ccc.de>
Cc: Debian Security <debian-security@lists.debian.org>
Subject: Re: DSA-134-1
From: Oystein Viggen <oysteivi@tihlde.org>
Date: Wed, 26 Jun 2002 13:51:40 +0200
Message-id: <[🔎] 03znxigsvn.fsf@msgid.viggen.net>
In-reply-to: <[🔎] 871yauwabh.fsf@gryffindor.sc> (Moritz Schulte's message of "Wed, 26 Jun 2002 13:25:54 +0200")
References: <[🔎] 814053EA-87C9-11D6-AC16-00039355CFA6@suespammers.org> <[🔎] 20020624232846.GH28956@wiggy.net> <[🔎] 87r8ivfs1o.fsf@CERT.Uni-Stuttgart.DE> <[🔎] 3D186BC9.545DC569@dreibrodt.de> <p04320409b93e2c1ed95a@[192.168.3.11]> <[🔎] 3D188963.78F9B33A@dreibrodt.de> <[🔎] 20020625161143.GB14562@zionlth.org> <[🔎] 871yauwabh.fsf@gryffindor.sc>

* [Moritz Schulte] 

> As a side note: many network daemons could make use of this special
> feature to be more secure.

Off the top of my head, I can think of telnetd, popd and imapd.

For ssh, you would need to support public key authentication in the
passwd server, and ftp will have to deal with the old "have to open port
20 on the fly" problem.

So privsep will still be useful on the Hurd, with the only improvement
being that you don't really need the sshd user.

Oystein
-- 
When in doubt: Recompile.


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- DSA-134-1
  - From: Anthony DeRobertis <asd@suespammers.org>
- Re: DSA-134-1
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: DSA-134-1
  - From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
- Re: DSA-134-1
  - From: Ralf Dreibrodt <ralf@dreibrodt.de>
- Re: DSA-134-1
  - From: Christian Jaeger <christian.jaeger@sl.ethz.ch>
- Re: DSA-134-1
  - From: Ralf Dreibrodt <ralf@dreibrodt.de>
- Re: DSA-134-1
  - From: Phillip Hofmeister <plhofmei@zionlth.org>
- Re: DSA-134-1
  - From: Moritz Schulte <moritz@duesseldorf.ccc.de>

Prev by Date: Problems with SSH Upgrade
Next by Date: Re: Problems with SSH Upgrade
Previous by thread: Re: DSA-134-1
Next by thread: Re: DSA-134-1
Index(es):
- Date
- Thread