Upcoming OpenSSH vulnerability
Chris Adams
cmadams at hiwaay.net
Wed Jun 26 12:21:58 EST 2002
Once upon a time, Steve VanDevender <stevev at darkwing.uoregon.edu> said:
> I, personally, would much rather have a patch that fixes the real
> security problem now for the platforms for which privilege separation is
> problematic (like Tru64 UNIX with C2 security) so that my systems will
The next release will support privsep on Tru64 for pre-auth but not
post-auth.
As far as I can see, post-auth privsep just won't work for post-auth on
Tru64. setup_session_sia() needs to be called as root, and if a PTY is
to be allocated, needs to be called after the PTY is allocated and
connected to the client.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the openssh-unix-dev
mailing list