--{enable/disable}-suid-ssh removed, rhosts auth gone when UID != 0
Robert Dahlem
Robert.Dahlem at siemens.com
Wed Jul 3 22:54:36 EST 2002
Hi,
According to ChangeLog someone "(bal)" removed -{enable/disable}-suid-ssh
from configure (dating from 2002/06/07). Don't know the reason, probably
this has something to do with PrivilegeSeparation.
Consequence is: Users with UID != 0 are no longer able to allocate
privileged ports, sshd answers "Rhosts Authentication disabled,
originating port will not be trusted". Bang, there they sit. :-)
Ok, "chmod u+s ssh scp" does help as first aid.
My question is: Is SUID on ssh/scp considered dangerous? Are there other
reasons one should avoid this?
Regards,
Robert
--
Robert.Dahlem at siemens.com
Siemens Business Services - FS GF KORDOBA-Outsourcing
Tel: +49-69-797-6530 Fax: +49-69-797-6599
----------------------------------------------------------------------
Sent using PMMail (http://www.pmmail2000.com) - fast, decent, email
software; far better than Outlook. Try it sometime.
More information about the openssh-unix-dev
mailing list