PATCH: sftp-server logging.

Ben Lindstrom mouring at etoh.eviladmin.org
Tue Mar 19 04:01:07 EST 2002


I personally would not be against having logging in sftp-server if it
mirrored how the TRACE macro works.

But I think the logging macro and the TRACE() macros should complement
each other.  If that means moving some of the TRACE() calls to logging
status instead of debugging status (a little formatting, but still keeping
the SAME useful information), then that would be the correct thing to do.

Besides, I hate #ifdef.. I personally would reject it based on that
myself.

BTW.. I won't get into the 'HTTPD as nobody' argument. =)  I reconfigure
every apache server I manage to run as the 'httpd' user.  Or, with Apache 2.0
in per-child mode, I set it to whoever the owner of the vhost is, since
I could care less if they screw with their own httpds. =)

- Ben

On Mon, 18 Mar 2002, Dan Kaminsky wrote:

> > > sftp-server is a system service
> >
> > this is a misconception. currently sftp-server is not
> > a system service, it's just something like ls or at.
>
> ftp is a system service
> sftp implies more secure than ftp, not less
>
> since ftp generally lacks process execution privs (exec usually disabled),
> while sftp presently requires it, ftp is more secure than sftp.  the worst
> case scenario for an ftp password leak is file leakage; the worst case
> scenario for an sftp password leak is generally root compromise (most OSes
> can't withstand a local intruder with a shell, except openbsd).
>
> if you do not accept the above analysis, I've got a file for you to put in
> your web server's cgi-bin.  don't worry, you trust me to download files, why
> not to execute code :)
>
> this is a problem.  it will eventually need to get solved.  no
> misconceptions, I understand exactly how sftp-server is presently
> implemented; that's why I didn't document it :-)  not ready to replace
> anon/restricted ftp, which is a major domain of that protocol.
>
> apache is run by nobody all over the place; anyway, the point is it sure as
> hell ain't run as root :-)  file transfer has slightly different rules,
> that's all i'm sayin.
>
> --dan
>
>
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
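The worst case Dan describes above (an sftp password is really a shell
password, because sftp-server is just a program the user's shell is allowed
to exec) is the thing a practitioner would want to close off. The fragment
below is an added example, not part of this thread and not the patch under
discussion: it uses ChrootDirectory and the in-process "internal-sftp"
subsystem, which OpenSSH gained years after this 2002 exchange. The group
name "sftponly" and the /srv/sftp path are assumptions for illustration.

```sshd_config
# Added example (not from the thread). Assumes a current OpenSSH sshd;
# the "sftponly" group and the /srv/sftp tree are illustrative choices.

# --- Weak: the 2002 situation described in the thread. Anyone who can
# authenticate gets a login shell; sftp-server is merely an external
# binary that shell execs, so a leaked sftp password is a leaked shell.
Subsystem sftp /usr/libexec/openssh/sftp-server

# --- Restricted: members of "sftponly" never reach a shell. sshd serves
# SFTP in-process (no exec of an external program), inside a chroot, and
# logs every request at INFO to the AUTH facility, so file operations
# show up in the same place as the logins that performed them.
Subsystem sftp internal-sftp -f AUTH -l INFO

Match Group sftponly
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp -f AUTH -l INFO
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTTY no
```

Two checks before relying on this: ChrootDirectory refuses to work unless
the chroot path and every parent directory are owned by root and not
group- or world-writable, so the per-user writable area has to be a
subdirectory inside the chroot rather than the chroot itself; and
`sshd -T -C user=<name>` prints the effective configuration for a given
user, which is the quickest way to confirm that a Match block actually
applies to the accounts you meant.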
