Vulnerability Development mailing list archives
Re: OpenSSH Vulns (new?) Priv seperation
From: "Michael Greenberg" <greenberg () nji com>
Date: Thu, 27 Jun 2002 15:08:57 -0400
"However, with privileges separation turned on, you are immune from at least one remote hole." at least one? Jesus how many are there? any information would be appreciated.... -wire
I think he means to imply that with UsePrivilegeSeparation, you'll be immune to unknown bugs in the nearly twenty-five thousand lines of non- root code. I would liken this to Apache, running as 'nobody' or a separate user, as compared with IIS, running as 'System'. It's a Good Thing. Michael.
Current thread:
- OpenSSH Vulns (new?) Priv seperation wirepair (Jun 26)
- Re: OpenSSH Vulns (new?) Priv seperation Valdis . Kletnieks (Jun 26)
- Re: OpenSSH Vulns (new?) Priv seperation John Madden (Jun 26)
- Re: OpenSSH Vulns (new?) Priv seperation Jose Nazario (Jun 26)
- Re: OpenSSH Vulns (new?) Priv seperation Michael Greenberg (Jun 28)
- <Possible follow-ups>
- RE: OpenSSH Vulns (new?) Priv seperation Peter Mueller (Jun 26)
- RE: OpenSSH Vulns (new?) Priv seperation Michal Zalewski (Jun 26)