Date: Tue, 25 Jun 2002 12:45:33 -0500 From: Christopher Schulte <schulte+freebsd@nospam.schulte.org> To: Lord Raiden <raiden23@netzero.net>, Christopher Schulte <schulte+freebsd@nospam.schulte.org>, Marco Radzinschi <marco@radzinschi.com>, FreeBDS-Questions <freebsd-questions@freebsd.org> Subject: Re: Upcoming OpenSSH vulnerability (fwd) Message-ID: <5.1.1.6.2.20020625124040.041c50f0@pop3s.schulte.org> In-Reply-To: <4.2.0.58.20020625134233.009992b0@pop.netzero.net> References: <5.1.1.6.2.20020624224948.02923518@pop3s.schulte.org> <20020624234646.G22328-100000@mail.radzinschi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 01:43 PM 6/25/2002 -0400, Lord Raiden wrote: > Ok, well we're still running OpenSSH 3.1 from the last security > upgrade recommendation. Should we go straight to 3.3 or wait for the > final fix? I believe the idea is to offer an upgrade to 3.3 now with privsep enabled ( 'UsePrivilegeSeparation yes' in sshd_config ) and be immune to the bug, then update to 3.3.1 (3.4?) when the full disclosure happens early next week. > Secondly how do you enable this priv separation thing in the > config file? I'm unfamiliar with that. See above. -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.2.20020625124040.041c50f0>