Date: Thu, 1 Jan 1998 15:31:28 -0500 (EST) From: mgraffam@mhv.net To: Steve Hovey <shovey@buffnet.net> Cc: questions@FreeBSD.ORG Subject: Re: HACKED (again) Message-ID: <Pine.LNX.3.96.980101152832.28029B-100000@localhost> In-Reply-To: <Pine.BSI.3.95.980101111731.24847F-100000@buffnet11.buffnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- On Thu, 1 Jan 1998, Steve Hovey wrote: > I personally dont trust ssh - I have no other reason not to trust it than > that I suffered a root incursion once shortly after installing it - since > it was the last thing in, I did not reinstall it when I rebuilt the > system. I dont think this is necessarily a problem with ssh. Ssh's security can be circumvented through the insecurity of other things that are running, such as ftp. While I havent looked over every line of ssh source, what I have seen shows good technique against programming glitches that allow root access through broken suid programs, and the crypto looks fine when compared against other (trusted) implementations. Michael J. Graffam (mgraffam@mhv.net) http://www.mhv.net/~mgraffam -- Philosophy, Religion, Computers, Crypto, etc "Enlightenment is man's emergence from his self-incurred immaturity. Immaturity is the inability to use one's own understanding without the guidance of another. . .Sapere aude! Have the courage to use your own understanding!" - Immanuel Kant "What is Enlightenment?" -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQCVAwUBNKv9JQKEiLNUxnAfAQFhqgP9GAWbMZ+F1/dx634ia2suM3A++O59vDo3 n5tQZq6sCOR4Sa6tDdhxNnR60XVWXQ4MESHut/FuyI19ncq3AvBxrp489OU9C5Mx rNTtbqFX2zHpxgUQo53RiGO00aPCsZSr54DySSRmv65XiT8WBbRT/Ty9p+80hjH7 9XDLgm0Dmhw= =RcAE -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.96.980101152832.28029B-100000>