Date: Sun, 1 Nov 1998 22:47:20 -0800 (PST) From: dima@best.net (Dima Ruban) To: jkb@best.com (Jan B. Koum ) Cc: dima@best.net, peter.jeremy@auss2.alcatel.com.au, freebsd-security@FreeBSD.ORG, winter@jurai.net Subject: Re: SSH vsprintf patch. (You've been warned Mr. Glass) Message-ID: <199811020647.WAA25893@burka.rdy.com> In-Reply-To: <19981101213817.A11911@best.com> from "Jan B. Koum " at "Nov 1, 1998 9:38:17 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Jan B. Koum writes: > On Sun, Nov 01, 1998 at 09:13:36PM -0800, Dima Ruban <dima@best.net> wrote: > > Jan B. Koum writes: > > > Which is why when you install ssh, you can run ./configure with > > > "--disable-suid-ssh" argument. > > > > Which will introduce tonns of other problems. > > Such as? > > I have been using ssh this way for about a year and haven't > seen any. Then again - I am not doing anything fancy with ssh. > And no, I don't need to have ssh installed suid just to get > .rhost type authentication. Let me ask you this. Would you trust a packet that came from non-priviledged port and which wants to do something that even remotely should be secure? > > -- Yan > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811020647.WAA25893>