[OpenAFS-devel] OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos
John Davidorff Pell
johnpell at mac.com
Tue Feb 3 13:11:37 EST 2004
On 2 Feb 2004, at 16:53, Dean Anderson wrote:
> This is why we need a forked version. Sorry.
It's generally not a good idea to fork, unless absolutely necessary. If
privsep does not reduce security (significantly, and I know that it's
debatable what "significantly" means), then ignore the people who think
it's great, and work on actually fixing the problems/exploits. If it is
in itself a dramatic security risk, then demonstrate that and even
those who like privsep will be able to understand (or be kicked off the
project, I hope) and you've fixed the real project, not just a fork.
Also, if one does not know how to fix a given exploit, and privsep
makes that exploit more difficult, then it gives us time to figure it
out and repair it before a real root exploit is achieved, whereas
without privsep our response must be much quicker, which it often is
Personally, I'm not a big fan of privsep, but "two glass doors" make
more noise when broken than just one, so I can understand why many
people like it.
"The New York Times is read by the people who run the country. The
Washington Post is read by the people who think they run the country.
The National Enquirer is read by the people who think Elvis is alive
and running the country ..."
-- Robert J Woodhead