OpenSSH 4.1: call for testing.
Damien Miller
djm at mindrot.org
Tue Apr 5 12:42:08 EST 2005
Gert Doering wrote:
> NetBSD 2.0.2 on Sparc64 (should find all endianness and word-size issues):
>
> - configure:
>
> WARNING: the operating system that you are using does not
> appear to support either the getpeereid() API nor the
> SO_PEERCRED getsockopt() option. These facilities are used to
> enforce security checks to prevent unauthorised connections to
> ssh-agent. Their absence increases the risk that a malicious
> user can connect to your agent.
>
> out of curiousity: who *does* support this, if not the BSDs? Or is it
> just NetBSD that can't do it yet?
Apparently, there has been an unapplied patch for NetBSD to implement
this since 1.4.2:
http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=10798
Hopefully someone will clean it up and commit it - it is an important
thing to have.
-d
More information about the openssh-unix-dev
mailing list