OpenSSH 3.9p1 - Solaris/SPARC
Darren Tucker
dtucker at zip.com.au
Wed Sep 8 06:58:33 EST 2004
Slawomir Stanczak wrote:
> I use OpenSSH version 3.8.1p1. It works very good.
> I compile new version OpenSSH 3.9p1 but I get following
> warning:
[snip autoconf and getpeereid warnings]
> Is it bug in openssh, solaris, gcc or autoconf ?
No, they're both warnings.
The first one is because the autoconf folks appear to be changing the
way the AC_CHECK_HEADERS macro work (and, to their credit, they're
providing sufficient warning). This particular instance has already
been fixed in the development version.
The second one is also a warning about Solaris' lack of any way to
figure out who owns the process connecting to a Unix domain socket (at
least, any that we know about, if there *is* a way then we'd like to use
it). The risk here is that if the perms on the agent socket get messed
up then a malicious user could trick your agent into authenticating a
connection for them. This has always been the case on many platforms,
but the warning for such platforms is new.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list