[Bug 1089] StrictModes needs runtime granularity
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Sep 24 00:48:24 EST 2005
http://bugzilla.mindrot.org/show_bug.cgi?id=1089
------- Additional Comments From tad at tadland.net 2005-09-24 00:48 -------
In O'Reilly's 'SSH: The Secure Shell: The Definitive Guide', is stated:
"Even if StrictModes is enabled, though, it can be defeated... First, sshd can
be compiled with the flag -- enable-group-writeability [Section 4.1.5.2,
"Installation, files, and directories"], which makes group-writable files
acceptable to StrictModes. This can be useful for shared accounts, permitting
all members of a group to modify SSH-related files in an account."
I was under the impression this was referring to OpenSSH.
In short, though, regardless of the existence or lack thereof of such a flag, I
would like to be able to make group-writable acceptable to StrictModes without
having to turn StrictModes off and (so far) I have found no way to do this,
hence my feature request.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list