oss-sec mailing list archives
Re: CVE request: openssh "ForceCommand" improperly implemented
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 02 Apr 2008 21:35:18 +0200
* Jonathan Smith:
It looks to be a rather minor issue since ~/.ssh/rc is usually 0600 and ~/.ssh is usually 0700.
We need to check how this interacts with scponly and rssh. 8-(
Current thread:
- CVE request: openssh "ForceCommand" improperly implemented Jonathan Smith (Apr 02)
- Re: CVE request: openssh "ForceCommand" improperly implemented Steven M. Christey (Apr 02)
- Re: CVE request: openssh "ForceCommand" improperly implemented Florian Weimer (Apr 02)