[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Significant OpenSSH Vulnerability ??
- Subject: Re: [cobalt-security] Significant OpenSSH Vulnerability ??
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Thu, 27 Jun 2002 18:35:37 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Jay,
> >> --with-privsep-path=/home/sites
> ^^^^^^^^^^^
> I could be wrong, but don't you want to create an empty directory for the
> privsep option?
Correct.
That path was in the configure options of the first OpenSSH-3.3p1 I released,
the one where Privilege Separation was turned off anyway. In OpenSSH-3.3p1-2
and OpenSSH-3.4p1 it was correctly set to /var/empty as suggested in the
OpenSSH Readme.
--
Mit freundlichen Grüßen / With best regards
Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer