chroot + ssh concerns

Ben Lindstrom mouring at etoh.eviladmin.org
Wed Dec 31 13:21:55 EST 2003



On Tue, 30 Dec 2003, Lev Lvovsky wrote:

> Ben,
>
> To be honest, I'm personally pushing for an unmodified-ssh way of doing
> things - it's the head of security here that would rather we patch ssh.
>
> Can you be more specific as to why this is a better idea over patches?
> the "scponly" shell seems to satisfy our needs as well, but the issue
> of code auditing stands for both that, and rssh, so I need to come back
> with some good reasons.
>

<shrug> I can't justify anything not knowing your environment, but for me
custom OpenSSH (or any other package) is a PITA to maintain internally, and
when you have problems people tend to shy away from helping or require you
to prove it with clean code.

That right there is a solid reason to avoid patching with unapproved
patches.

Also, it is easier to verify small programs than patches to large code
bases.  It is very much the case when the people auditing the code have not
spent enough time understanding the project, and OpenSSH is a lot of code to
audit and understand what effects a patch may have on it.

- Ben
