[OpenAFS-devel] Re: OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos

[Damien Miller]

Dean Anderson wrote:
> Right. And there is an easy solution: Turn off Privsep.  A process that
> creates new user sessions needs root privileges, and those privileges
> cannot be given away prematurely to "improve security".  Privsep is just a
> stupid idea for some programs.  Probably for most programs...

Privsep has avoided the last two real security problems found in
portable OpenSSH, and others before that. The security gain has
already been demonstrated.

-d