Vulnerability Development mailing list archives
Re: OpenSSH Vulns (new?) Priv seperation
From: Filipe Almeida <filipe () rnl ist utl pt>
Date: Fri, 4 Oct 2002 19:30:17 +0100
On Thu, Oct 03, 2002 at 05:36:39AM +0200, Peter Mueller wrote:
reducing root-run code from 27000 to 2500 lines is the important part. who cares how many holes there are when it is in /var/empty/sshd chroot with no possibility of root :)
Not really. You are still a user on the system so you can use that machine as a relay to an intranet or to perform trust relationship attacks. You may also be able to steal sshd's private keys as an aid to a mitm attack. I care about that :) -- Filipe Almeida <filipe () rnl ist utl pt>
Current thread:
- RE: OpenSSH Vulns (new?) Priv seperation Peter Mueller (Oct 03)
- Re: OpenSSH Vulns (new?) Priv seperation Filipe Almeida (Oct 04)
- Re: OpenSSH Vulns (new?) Priv seperation Markus Friedl (Oct 08)
- Re: OpenSSH Vulns (new?) Priv seperation Filipe Almeida (Oct 04)