Date: Tue, 25 Jun 2002 18:37:56 -0600 From: Brett Glass <brett@lariat.org> To: "Jeroen C.van Gelderen" <jeroen@vangelderen.org> Cc: Mike Silbersack <silby@silby.com>, Brian Nelson <notgod@notgod.com>, Niels Provos <provos@citi.umich.edu>, FreeBSD Security <security@FreeBSD.ORG> Subject: Re: ENOUGH!!! Re: [openssh-unix-announce] Re: Upcoming OpenSSH vu lner ability (fwd) Message-ID: <4.3.2.7.2.20020625183521.00dd9af0@localhost> In-Reply-To: <B33A8B8D-8895-11D6-92C3-000393754B1C@vangelderen.org> References: <4.3.2.7.2.20020625173402.00b4af00@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Sure! I'll send a note under separate cover with a location where it can be downloaded via HTTP. The important thing is to add the lines UsePrivilegeSeparation yes Compression yes to sshd_config, and also to delete any lines that the newer version complains about (e.g. CheckMail). --Brett At 05:45 PM 6/25/2002, Jeroen C.van Gelderen wrote: >On Tuesday, June 25, 2002, at 07:37 , Brett Glass wrote: > >>Geeze.... Just when someone finally says something nice about >>me on this list.... ;-) >> >>Seriously, though, I'm just being practical. BTW, I've finally >>managed to build a working binary package that will replace the \ >>built-in OpenSSH in place on 4.4, 4.5, and 4.5-RELEASE. You >>may have to change /etc/ssh/sshd_config by hand afterward, but >>then you'll get privilege separation. Anyone who would like >> download or would like to post it, just e-mail. > >That sounds real good (TM). I could put it up for download if you want? > >-J > > >> >>--Brett >> >> >>At 03:43 PM 6/25/2002, Mike Silbersack wrote: >> >> >>>On Tue, 25 Jun 2002, Brian Nelson wrote: >>> >>>>So far, against all odds, Brett Glass has had the most stable, >>>>unemotional, and responsible response to this whole issue... everyone >>>>else likes to yell at you when you don't trust whatever they say because >>>>they are "big head figures" or suffering from "Young Geek Ego(tm)". >>> >>>This just proves that there is an exploit in the wild, and that someone >>>has hacked Brett's box and is impersonating him. :) >>> >>>Mike "Silby" Silbersack >>> >>> >>>To Unsubscribe: send mail to majordomo@FreeBSD.org >>>with "unsubscribe freebsd-security" in the body of the message >> >> >>To Unsubscribe: send mail to majordomo@FreeBSD.org >>with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20020625183521.00dd9af0>