Date: Thu, 3 Jun 1999 11:17:46 -0700 From: Matthew Hunt <mph@astro.caltech.edu> To: "David G. Andersen" <danderse@cs.utah.edu> Cc: "Jan B. Koum " <jkb@best.com>, Bill Fumerola <billf@jade.chc-chimes.com>, Unknow User <kernel@tdnet.com.br>, freebsd-security@freebsd.org Subject: Re: SSH2 (in FreeBSD-Questions) Message-ID: <19990603111746.A60419@wopr.caltech.edu> In-Reply-To: <14166.50513.861526.155312@torrey.cs.utah.edu>; from David G. Andersen on Thu, Jun 03, 1999 at 12:12:13PM -0600 References: <375690E3.4BC9BB94@tdnet.com.br> <Pine.BSF.3.96.990603133742.8776C-100000@jade.chc-chimes.com> <19990603110213.B19566@best.com> <19990603110957.C59847@wopr.caltech.edu> <14166.50513.861526.155312@torrey.cs.utah.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 03, 1999 at 12:12:13PM -0600, David G. Andersen wrote: > It's SUID so it can obtain the local host private key, for > authentication to the remote machine. This is necessary if you use > ssh with .rhosts/.shosts functionality. > > If you don't care about this functionality, then you don't need it to > be suid. Maybe it would be good if we keep the current behavior as a default, and add some sort of DISABLE_SUID option to the build? Yan, I'm not sure I like the comment on your web page advising people to avoid ports and packages. There's no reason to avoid the ports or packages if you're willing to spend a little time looking at them, like you have to with the source tarballs anyway, and by avoiding the ports you may miss out on FreeBSD enhancements, as is the case with ssh2. I would consider the login.conf patch to be security-related. By all means, if you have security concerns about specific ports, you should let us know! Matt -- Matthew Hunt <mph@astro.caltech.edu> * Stay close to the Vorlon. http://www.pobox.com/~mph/ * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990603111746.A60419>