Re: Fix for ssh-1.2.27 symlink/bind problem

From: Markus Friedl (markus.friedlat_private-ERLANGEN.DE)
Date: Tue Oct 26 1999 - 13:07:05 PDT

Next message: Sweeney, Patrick: "Re: Hotmail security vulnerability (viruses)"

Previous message: Inc, MSG.Net: "Re: Remote DoS in Axent's Raptor 6.0"
Maybe in reply to: Scott Gifford: "Fix for ssh-1.2.27 symlink/bind problem"
Next in thread: Wietse Venema: "Re: Fix for ssh-1.2.27 symlink/bind problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 25, 1999 at 07:05:01PM -0400, Wietse Venema wrote:
> I was talking about seteuid(), which leaves real uid == 0, so that
> the process remains protected against groping by unprivileged users.

all I was trying to say is:
  1) ssh _did_ use seteuid() for swapping uids (until version 1.2.12. ossh
     and openssh still use seteuid() and are not vulnerable to this attack).
  2) post-ssh-1.2.12 uses a different, more complex approach and failes.

Next message: Sweeney, Patrick: "Re: Hotmail security vulnerability (viruses)"
Previous message: Inc, MSG.Net: "Re: Remote DoS in Axent's Raptor 6.0"
Maybe in reply to: Scott Gifford: "Fix for ssh-1.2.27 symlink/bind problem"
Next in thread: Wietse Venema: "Re: Fix for ssh-1.2.27 symlink/bind problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:08:57 PDT