For us AIXers ...
Ben Lindstrom
mouring at etoh.eviladmin.org
Wed Jun 26 05:31:58 EST 2002
On Tue, 25 Jun 2002, Sandor W. Sklar wrote:
> ... who are nervous because:
>
> (a) it seems that there will be a widely-known vulnerability
> and/exploit for OpenSSH available in the coming days, and
>
> (b) the advertised fix for the problem, privilege separation, doesn't
> seem to be working on AIX as of the latest release version of OpenSSH
> (based on the comments I've read; I haven't tried it yet) ...
>
moving aix_usrinfo() into do_setusercontext() is the fix.. And it's
current in the CVS tree. Mr Tucker was nice enough to provide the patch
and verify it.
The only downfall at this point is TTY= is not set by usrinfo(). At this
moment I've not heard from anyone that has stated this is a problem in the
short term.
- Ben
More information about the openssh-unix-dev
mailing list