Re: ssh difference v3.3 vs. 3.4 ???
On Wed, Jun 26, 2002 at 05:25:16PM -0500, Richard Cobbe wrote:
> Lo, on Wednesday, June 26, Colin Watson did write:
> > If you're running 3.3 with privilege separation enabled (as it is by
> > default), most remote root exploits become remote exploits of the sshd
> > user, which is considerably less serious.
>
> So, I'm running ssh 3.3 as packaged for woody. I don't have
> UserPrivilegeSeparation turned off in any config files, but I still see
> the following:
>
> [nanny-ogg:~]$ ps aux | grep [s]shd
> root 268 0.0 0.2 2788 716 ? S 06:19 0:00 /usr/sbin/sshd
>
> sshd is still running as root. Is this what I should be seeing?

Yes, the parent process continues to run as root. If you ssh to a box
running 3.3 and leave the connection at the password prompt, you'll see
a process running as the sshd user until the authentication is
completed.

> > 3.4 added fixes for the real problems rather than just bandaging over
> > them.
>
> Any word on when 3.4 will be available as a .deb?

Not yet; there's some discussion of exactly what to do. (The discussions
have been private, so unfortunately I can't give any details, not that I
know all that much more anyway.)
--
Colin Watson [cjwatson@flatline.org.uk]
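
One way to check for the process described above, as an added example that is not part of the original message: the function reads `ps` output and flags any sshd process owned by the sshd user whose parent is a root-owned sshd. The function name, role labels and sample lines are constructed for illustration; only the account name "sshd" comes from the message.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Live use: ps -eo user=,pid=,ppid=,comm= | classify_sshd
# Assumption: the unprivileged account is named "sshd", as in the message.

classify_sshd() {
    # stdin: one process per line as "USER PID PPID COMMAND"
    awk '
        # Remember owner and parent of every sshd process, in input order.
        $4 == "sshd" { owner[$2] = $1; parent[$2] = $3; order[++n] = $2 }
        END {
            for (i = 1; i <= n; i++) {
                pid = order[i]; pp = parent[pid]
                if (owner[pid] == "root")
                    role = "privileged"
                else if (owner[pid] == "sshd" && (pp in owner) && owner[pp] == "root")
                    role = "unprivileged-preauth"
                else
                    role = "other"
                print pid, owner[pid], role
            }
        }'
}

# Constructed sample: a listener plus one connection left at the password
# prompt, and two unrelated processes that must be ignored.
SAMPLE_PS='root 268 1 sshd
root 1412 268 sshd
sshd 1413 1412 sshd
root 301 1 cron
alice 1500 1499 bash'

printf '%s\n' "$SAMPLE_PS" | classify_sshd
```

If connections are in progress and no line is ever reported as `unprivileged-preauth`, privilege separation is not in effect for them.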