Date: Mon, 9 Nov 1998 09:19:57 +0100 From: Harold Gutch <logix@foobar.franken.de> To: Marc Slemko <marcs@znep.com>, Phillip Salzman <psalzman@gamefish.pcola.gulf.net> Cc: pal <pal@PaLaDiN7.ml.org>, sporkl@ix.netcom.com, freebsd-current@FreeBSD.ORG, osa@freebsd.org.ru Subject: Re: SSH 2.0.10 BUG? (!) Message-ID: <19981109091957.A22438@foobar.franken.de> In-Reply-To: <Pine.BSF.4.05.9811081938100.8174-100000@alive.znep.com>; from Marc Slemko on Sun, Nov 08, 1998 at 07:39:14PM -0800 References: <Pine.BSF.4.05.9811090329010.5722-100000@gamefish.pcola.gulf.net> <Pine.BSF.4.05.9811081938100.8174-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Nov 08, 1998 at 07:39:14PM -0800, Marc Slemko wrote: > On Mon, 9 Nov 1998, Phillip Salzman wrote: > > make it +s > > DO NOT. > > Doing so would quite possibly introduce a major security hole. Very few > daemons are designed to have the setuid bit set, for the simple reason > that if they have to be root they are normally already root. > sshd has to run as root if you want to be able to login as more than the user it runs as. What difference should an suid-bit make if it belongs to root and it's run by root anyway ? Not that it would be of any use, I just don't see how it should do any harm or even "indroduce a major security hole". Other than that sshd doesn't have an suid bit set on any system I know of, but it does write the users which login to utmp. I have never used sshd2 though, so perhaps it is a bug in sshd2. > > On Sun, 8 Nov 1998, pal wrote: > > > > > its: > > > > > > -rwxr-xr-x 1 root wheel 1310188 28 20:57 sshd2 -- bye, logix <Shabby> Sleep is an abstinence syndrome wich occurs due to lack of caffein. Wed Mar 4 04:53:33 CET 1998 #unix, ircnet To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981109091957.A22438>