Date: Sat, 02 Sep 2000 21:15:23 +0100 From: Brian Somers <brian@Awfulhak.org> To: "Jacques A. Vidrine" <n@nectar.com> Cc: Dan Nelson <dnelson@emsphone.com>, sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <200009022015.e82KFN740808@hak.lan.Awfulhak.org> In-Reply-To: Message from "Jacques A. Vidrine" <n@nectar.com> of "Sat, 02 Sep 2000 15:02:21 CDT." <20000902150221.A1263@hamlet.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote:
> > Rather, it's so it can read the host key, which is only readable by
> > root.
>
> We're talking about ssh, not sshd.
>
> IMHO, ssh should be mode 0555. I have to change this all the time on
> my machines, since I often socksify ssh.
Yes, a make.conf variable would be in order, defaulting to 0555 in
line with FallBackToRsh being set to no in /etc/ssh/ssh_config. It
would also be worth mentioning the make.conf setting in ssh_config.
> --
> Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org
--
Brian <brian@Awfulhak.org> <brian@[uk.]FreeBSD.org>
<http://www.Awfulhak.org>; <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009022015.e82KFN740808>