[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] OT OpenSSH question
- Subject: Re: [cobalt-security] OT OpenSSH question
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Thu, 30 Jan 2003 04:26:59 +0100
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Rick,
> privilege separation was an issue that caused root compromise, IIRC. It was
> one of the last vulnerabilities of SSH.
That's not entirely correct, but you're right that privilege separation was
involved - as a work around which can limit the impact of a compromise of
OpenSSH.
Some background info:
Usually the entire SSHd daemon runs as user root. So if someone manages to
exploit SSH, then he can gain root access. With privilege separation only a
small portion of SSHd runs with root permissions, while the majority of code
runs with lesser privileges. It'll not stop exploits, but could manage to
lessen the impact of exploits as an attacker will not end up with root access
right away.
Privilege separation is a rather new feature in OpenSSH and it came up with
release 3.3, but still had a few shortcommings back then. In the popular (and
most recent) OpenSSH PKG packages for the Cobalt's privilege separation is
enabled by default.
--
With best regards,
Michael Stauber