Possible security flaw in OpenSSH and/or pam_krb5

Nicolas Williams Nicolas.Williams at sun.com
Wed Jun 22 03:26:10 EST 2005


On Sat, Jun 18, 2005 at 08:47:41AM +1000, Damien Miller wrote:
> No, it is just an preference to discuss something concrete (patches)
> over pointless "OpenSSH should/shouldn't do this, OpenSSH developers are
> misguided/dumb/eat babies because ..." arguments.
> 
> I never guaranteed that any patches would be accepted, but at least they
> could advance this discussion to the point where it has the potential to
> be productive.

Oh, I understand that you can't guarantee that you'd accept a patch.

But you'd have to agree to consider a given approach if you want someone
else to do the work, no?

So, do you have any reason to consider event loop nesting out of the
question?

As I see it there's only one reasonable, portable, solution: nest the
event loop.  In the privsep case only the monitor need nest its event
loop.

Nico
-- 




More information about the openssh-unix-dev mailing list