Re: Root login in graphical enviroment
On Wed, 2002-07-31 at 23:56, Jamin W.Collins wrote:
> On 31 Jul 2002 23:25:25 +0800
> "Crispin Wellington" <crispin@aeonline.net> wrote:
>
> > Are there indeed? run
> > ps auxwww|grep sshd
> > and tell me what user level yours is running at.
>
> Sure the process is running as root, but take a look at your man page.
>
> From the man page:
>
> UsePrivilegeSeparation
Whats this got to do with PermitRootLogin? My original statement was
"Any compromise of ssh will give the user root anyway because it runs at
user level root". UsePrivilegeSeperation doesn't magically stop this
from happening. It only "mitigate[s] the risks of any future OpenSSH
compromise". Also "Unfortunately, the advisory was incorrect on some
points, leading to widespread confusion about the impact of this
vulnerability". http://www.debian.org/security/2002/dsa-134
> I've read them, perhaps you should.
Read. Read again. PAMAuthenticationViaKbdInt no,
ChallengeResponseAuthentication no.
Dont see any PermitRootLogin no
> > Tell me. sshd version OpenSSH_3.4p1 Debian 1:3.4p1-1.
> > /etc/ssh/sshd_config contains PermitRootLogin yes.
>
> I've been against this from the start, and change it on all my
systems.
> The package maintain seems to be stubborn about it from what I've
seen.
>
> > Can this sshd be compromised, or not?
>
> If you're asking whether or not the default sshd_config settings can
allow
> for a system being compromised, IMHO most certainly.
better apt-get remove ssh then. And just to be safe... kill `ps
auxwww|grep root|awk '{print $2}'`.
Crispin
Reply to: