Re: [ILUG] openssh vulnerability

From: Paul Kelly (longword at domain esatclear.ie)
Date: Tue 25 Jun 2002 - 10:56:24 IST

• Next message: Mark Kilmartin: "Re: [ILUG] Netsaint / Nagios question"
• Previous message: Philip Reynolds: "Re: [ILUG] Squid's cache_mem variable"
• In reply to: Paul Kelly: "Re: [ILUG] openssh vulnerability"
• Next in thread: John Madden: "Re: [ILUG] openssh vulnerability"
• Reply: John Madden: "Re: [ILUG] openssh vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Paul Kelly wrote:
> PrivSep is NOT yet an acceptable solution by any stretch of the
> imagination. The Mandrake people have already found bugs in its
> interaction with PAM. For all we know it may expose us to further
> vulnerabilities on par with those in the commercial SSH 3.0 release
> (allowed anyone to ssh in to disabled accounts without a password). This
> code is out a WEEK! I for one wouldn't even consider running it on a
> production machine.

http://slashdot.org/comments.pl?sid=34775&cid=3760733

[Scary log message from OpenSSH 3.3p1 on linux 2.4]

I don't know how accurate this report is - it's from slashdot after all
- but this is the kind of thing that frightens me about new code in ssh.

There are also reports that PrivSep is incompatible with a 2.2 Linux
kernel, regardless of your sshd_config, due to how it uses mmap().

Paul.

• Next message: Mark Kilmartin: "Re: [ILUG] Netsaint / Nagios question"
• Previous message: Philip Reynolds: "Re: [ILUG] Squid's cache_mem variable"
• In reply to: Paul Kelly: "Re: [ILUG] openssh vulnerability"
• Next in thread: John Madden: "Re: [ILUG] openssh vulnerability"
• Reply: John Madden: "Re: [ILUG] openssh vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:17:30 GMT