Date: Mon, 22 Jan 1996 16:58:10 -0800 (PST) From: dima@FreeBSD.org (Dima Ruban) To: ache@astral.msk.su (=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=) Cc: peter@jhome.DIALix.COM, ports@FreeBSD.org, security@FreeBSD.org Subject: Re: ssh /etc config files location.. Message-ID: <199601230058.QAA06967@freefall.freebsd.org> In-Reply-To: <cFkCs0niw3@ache.dialup.ru> from "=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=" at Jan 22, 96 01:13:02 pm
next in thread | previous in thread | raw e-mail | index | archive | help
=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= writes:
>
> In message <Pine.BSF.3.91.960122165925.395E-100000@jhome.DIALix.COM>
> Peter Wemm writes:
>
> >I am still somewhat disturbed with the location of some rather critical
> >"per site" info from ssh in /usr/local/etc.. Specifically the ssh host
> >secret keys, and the per-site config files.
>
> >This is (IMHO) rather dangerous. If you NFS mount /usr/local, this will
> >screw you rather badly.
>
> >There are precedents against this too.. gated keeps it's config files in
> >/etc.
>
> There are precedent _for_ this, tcp_wrapper uses /usr/local/etc.
>
> Using NFS for /usr/local/bin/{security_binaries} is big risk too
> because they can be changes (like config files).
> I don't see the point to move security-related configs to /etc
> and _not_ to move security binaries from /usr/local.
This is more complicated. Because sometimes you don't need
to modify something to get in. I mean, for example with
tcp_wrapper, you can try to break from trusted computer.
And if someone knows, from which computer
he should try, it will increase his chances.
And finaly it will depend on security on this trusted
computer, and not on yours.
> So there is two normal solutions:
> 1) Leave all as is in /usr/local, but not mount it over NFS
> 2) Move configs & binaries _both_ off /usr/local.
>
> I disagree with proposed solution (moving configs only to /etc).
That's what I'm doing on my machine, because I forced to export
/usr/local/ to other computers. Even if I'm exporting 'em read-only.
> >PS: IMHO, it was a mistake adding the BUILD_DEPENDS in wish and perl5. it
> >build's fine without them. It seems silly to require X11 to be installed
> >in order to build the port..
>
> It builds fine, but incomplete, namely:
>
> ssh-askpass needs wish
> make-ssh-known-hosts needs perl5
>
> So here is two variants:
> 1) They are essential, so BUILD_DEPENDS is essential too.
> 2) They don't play big role. In this case they need to be controlled
> via USE_* variables like other stuff in ssh Makefile. I.e. corresponding
> BUILD_DEPENDS must be ifdefed.
>
> Removing BUILD_DEPENDS is bad in any case.
>
> --
> Andrey A. Chernov : And I rest so composedly, /Now, in my bed,
> ache@astral.msk.su : That any beholder /Might fancy me dead -
> http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead.
> RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
>
-- dima
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199601230058.QAA06967>