From owner-freebsd-arch Sat Sep 2 15:58: 5 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id 40E6C37B423; Sat, 2 Sep 2000 15:58:00 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id XAA81494; Sat, 2 Sep 2000 23:57:56 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e82MvK775931; Sat, 2 Sep 2000 23:57:20 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009022257.e82MvK775931@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: Brian Somers Cc: Kris Kennaway , "Jacques A. Vidrine" , Neil Blakey-Milner , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.org, arch@FreeBSD.org, freebsd-arch@FreeBSD.org, brian@Awfulhak.org Subject: Re: setuid ssh should die In-Reply-To: Message from Brian Somers of "Sat, 02 Sep 2000 23:39:47 BST." <200009022239.e82Mdl775769@hak.lan.Awfulhak.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 02 Sep 2000 23:57:20 +0100 From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > On Sat, 2 Sep 2000, Brian Somers wrote: > > > > > What do people reckon then (-arch cc'd) ? I'll add > > > > > > #ENABLE_SUIDSSH= true > > > > > > to etc/defaults/make.conf then mention it in ssh_config and make the > > > adjustment to the ssh build so that it defaults to *not* being suid. > > > > I have no problems making ssh non-suid by default since most people dont > > use RhostsRSAAuthentication. > > > > Since I have ssh changes in the works please send me the patches and I'll > > apply them after the upgrade. Please add information to the manpage on how > > to fix it, and a helpful error telling them what to do when the user tries > > to use it. > > That's no problem, except for the ``helpful error'' bit. I don't > think ssh should attempt to interpret the failure to bind a socket. > The perror() should be sufficient in my book. Wait... I'm missing something here. It seems that ssh will exec rsh when FallBackToRsh is enabled. It therefore doesn't need root for anything I know of. Can anybody enlighten me ? -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message