[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Significant OpenSSH Vulnerability ??

Subject: Re: [cobalt-security] Significant OpenSSH Vulnerability ??
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Thu, 27 Jun 2002 18:35:37 +0200
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Jay,

> >> --with-privsep-path=/home/sites
>                        ^^^^^^^^^^^
> I could be wrong, but don't you want to create an empty directory for the
> privsep option? 

Correct.

That path was in the configure options of the first OpenSSH-3.3p1 I released, 
the one where Privilege Separation was turned off anyway. In OpenSSH-3.3p1-2 
and OpenSSH-3.4p1 it was correctly set to /var/empty as suggested in the 
OpenSSH Readme.

-- 

Mit freundlichen Grüßen / With best regards

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

References:
- Re: [cobalt-security] Significant OpenSSH Vulnerability ??
  - From: Jay Summers

Prev by Date: Re: [cobalt-security] RaQ3-RaQ4-OpenSSH-3.4p1-1.pkg
Next by Date: [cobalt-security] Is someone getting in on my FTP?
Previous by thread: Re: [cobalt-security] Significant OpenSSH Vulnerability ??
Next by thread: Re: [cobalt-security] Significant OpenSSH Vulnerability ??

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index