Vulnerability Development mailing list archives

Re: ssh quirks...

From: lordvadr () POBOX COM (C.J. Oster)
Date: Mon, 27 Dec 1999 13:28:26 -0600


It's not so much sandard behavior, but sshd's unability to chdir into
$HOME.  Why it doesn't let you log in is beyond me, but any other login
method will at least complain if you did something like 'chmod 700 /home'.
My ssh 2.0.10 under linux does not have this problem.

-CJO-

On Mon, 27 Dec 1999, Scott D. Yelich wrote:

-----BEGIN PGP SIGNED MESSAGE-----


On Mon, 27 Dec 1999, Ryan Permeh wrote:

This is standard unix behaviour.  if a user's home directory path isn't
readable by that user, they can't access it.  typically the /home dir should
be world readable  as should the / dir.  home directories can be any
permissions a user wants and should be owned by the user themselves.
Ryan


Hello, moderator?

Your statements are simply not correct... and it's not the job of each
and every application to inflict upon the system its opinion of what
"standard unix behaviour" should be.  Just imagine if this were the case
and you had 15 different apps each thinking the "standard unix
behaviour" was something different -- or worse, something completely
contradictory.

I'm not sure discussing "Standard unix behaviour" would be productive
here...

Sorry.

Scott

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBOGefoh4PLs9vCOqdAQE1tAP/drX8ikZo16OOq0DueHkpV9BVu+Qt2bpd
bTwuL2loRad80B4AbCR2ulXBM8Ou+LPsROJ1tydZqt5G/59CQyX2eik7UnWrRSwX
51t6tBu1hsxNAU0QVdJTf3fJTVczuiuSYRJsZr1xzW1NTEOHt0LocMe1EdJns6W1
WX+uLnZAMYc=
=iVUC
-----END PGP SIGNATURE-----


             C.J. Oster (Linux Guru/Surge Addict) cjo () pobox com
   ----------------------------------------------------------------------
          Network Security Manager      Unix System Administrator
             For BHNet, Bromley Hall    WSG, CCSO, UIUC
          Hoover and Associates         oster () uiuc edu
          security () bromleygroup com     (217)265-8427
   ----------------------------------------------------------------------

         PGP: 87D5 4216 43A1 42D6 754D  8F5E 24B3 992A B7A1 F556

      Tuition: n. The way you screw your self out of something you
      really want, need, like, or enjoy to learn a simple lesson.

Current thread:

[Fwd: rpcclient 2.0.5a crashed services.exe], (continued)
- - - [Fwd: rpcclient 2.0.5a crashed services.exe] Blue Boar (Dec 15)
    - BSD chfn bug Pavol Luptak (Dec 20)
    - Re: BSD chfn bug Przemyslaw Frasunek (Dec 21)
    - Re: BSD chfn bug Warner Losh (Dec 21)
    - Re: BSD chfn bug Tellier, Brock (Dec 23)
    - Re: BSD chfn bug Stanislav N. Vardomskiy (Dec 25)
    - Re: BSD chfn bug Michal Zalewski (Jul 21)
    - ssh quirks... Scott D. Yelich (Dec 26)
    - Re: ssh quirks... Ryan Permeh (Dec 27)
    - Re: ssh quirks... Scott D. Yelich (Dec 27)
    - Re: ssh quirks... C.J. Oster (Dec 27)
    - Re: ssh quirks... Blue Boar (Dec 27)
    - Re: ssh quirks... Ralph the Wonder Llama (Dec 27)
    - Re: ssh quirks... LaMont Jones (Dec 27)
    - Re: ssh quirks... Kev (Dec 28)
    - Re: ssh quirks... Mark Rafn (Dec 28)
    - Re: BSD chfn bug Warner Losh (Dec 27)
    - any user can make hard links in Unix Benjamin Elijah Griffin (Dec 21)
    - Re: any user can make hard links in Unix Bennett Todd (Dec 22)
    - A Bug in the Recently Released BetaFTPD0.0.8pre7 (fwd) Bubonic (Dec 21)
    - Possible MultiNet FTP server DoS problem. CyberPsychotic (Dec 21)

(Thread continues...)