[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh difference v3.3 vs. 3.4 ???

Hi,

"Michael D. Schleif" <mds@helices.org> writes:

> Colin Watson wrote:
>> 
>> On Wed, Jun 26, 2002 at 03:39:49PM -0400, Reid Gilman wrote:
>> > 3.4 contains bugfixes for a few problems I don't completely understand
>> > but I believe that there was a bug that could allow root access.
>> 
>> If you're running 3.3 with privilege separation enabled (as it is by
>> default), most remote root exploits become remote exploits of the sshd
>> user, which is considerably less serious. 3.4 added fixes for the real
>> problems rather than just bandaging over them.
>
> [ snip ]
>
> This is what really, really confuses me !!!
>
> What is ``privilege separation'' ???

While it may not be exactly what you want, you may want to check out
Ian Jackson's 'userv' package for some ideas about what this is.

(I don't know what mechanism SSH uses though ;-)

- Hari
-- 
Raja R Harinath ------------------------------ harinath@cs.umn.edu


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: