Date: Sun, 3 Sep 2000 17:59:39 -0700 From: Brooks Davis <brooks@one-eyed-alien.net> To: Warner Losh <imp@village.org> Cc: "Jacques A. Vidrine" <n@nectar.com>, arch@FreeBSD.ORG Subject: Re: setuid ssh should die Message-ID: <20000903175939.B310@Odin.AC.HMC.Edu> In-Reply-To: <200009022222.e82MMqG02383@billy-club.village.org>; from imp@village.org on Sat, Sep 02, 2000 at 04:22:52PM -0600 References: <20000902160156.D1263@hamlet.nectar.com> <200009022015.e82KFN740808@hak.lan.Awfulhak.org> <41784.967926245@critter> <20000902223244.A39844@mithrandr.moria.org> <20000902160156.D1263@hamlet.nectar.com> <200009022222.e82MMqG02383@billy-club.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 02, 2000 at 04:22:52PM -0600, Warner Losh wrote: > Put me down for "turn of setuid" bit. It is needed only for rsh > compatibility (yes, in the client), but we shouldn't encourage that > usage of ssh. I will comment that while I definatly want to see RSH die, I'm on networks where I'm forced to use ssh as a slightly better rsh instead of a secure login system because some of the admins couldn't tie their shoes without help. In those cases it's really nice to just force ssh to use RSH auth and use the config aliasing feature to allow me to connect to machines that aren't in DNS by name. I guess I'm just pointing out that there are cases where this feature is quite useful though I'd not scream about it as long as there's a make.conf option to restore the old (evil) behavior. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000903175939.B310>