[OpenAFS-devel] Re: OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos

Damien Miller djm at mindrot.org
Tue Jan 27 09:45:34 EST 2004


Dean Anderson wrote:
> Right. And there is an easy solution: Turn off Privsep.  A process that
> creates new user sessions needs root privileges, and those privileges
> cannot be given away prematurely to "improve security".  Privsep is just a
> stupid idea for some programs.  Probably for most programs...

Privsep has avoided the last two real security problems found in
portable OpenSSH, and others before that. The security gain has
already been demonstrated.

-d




More information about the openssh-unix-dev mailing list