Upcoming OpenSSH vulnerability

Damien Miller djm at mindrot.org
Thu Jun 27 09:33:36 EST 2002


On Wed, 2002-06-26 at 19:44, Corinna Vinschen wrote:

> > How long has the opportunity to port privilege separation been there?
> 
> It's not privilege separation since that hasn't to be ported.  It's
> the OS dependend concepts used by privilege separation. 

I have been telling people that privsep will be switched on by default
in the next release since it showed up in the builds. 

Look what happened:

- Did anyone test it? A couple of people (no vendors)

- Did anyone comment on my patches to get it working more completely?
None, just complaints

That's why we're annoyed.

-d

(Not singling out Corinna here, just the attitude)




More information about the openssh-unix-dev mailing list