Pedro Margate wrote: > > The implementations of ssh that I'm familiar with (ssh and OpenSSH) > install the ssh binary as suid root by default. This can be disabled > during configuration or after the fact with chmod. I believe that would > prevent this exploit from operating. I've turned off the suid bit on > every ssh installation I've performed and it seems to work the same. I'm > not sure what reason ssh has to be suid root, nobody I've asked has any > idea. Ssh was designed as a drop-in replacement for rsh/rlogin, by name if necessary. Therefore, it has to be able to copy rsh's behaviour of originating connections from a privileged port (yes, that's a lame "security" feature"). If you don't need this, remove the SUID bit. I would much prefer distributions to ship an unprivileged ssh client, with guidance on how/why to enable it if necessary. Cheers, Phil
- Glibc Local Root Exploit Charles Stevenson
- Re: Glibc Local Root Exploit Ben Collins
- Re: Glibc Local Root Exploit Thomas T. Veldhouse
- Re: Glibc Local Root Exploit Pedro Margate
- Re: Glibc Local Root Exploit Ari Saastamoinen
- Re: Glibc Local Root Exploit Matt Zimmerman
- Re: Glibc Local Root Exploit Andrew Bartlett
- Re: Glibc Local Root Exploit Gordon Messmer
- Re: Glibc Local Root Exploit Jerry Connolly
- Veritas BackupExec (remote DoS) Philip Rowlands
- Veritas BackupExec (remote DoS) oh3mqu+bugtraq
- Re: Glibc Local Root Exploit Digital Overdrive
- Re: Glibc Local Root Exploit Michal Zalewski
- Re: Glibc Local Root Exploit Joe
- Re: Glibc Local Root Exploit Digital Overdrive
- Re: Glibc Local Root Exploit Brian
- Re: Glibc Local Root Exploit Ben Greenbaum
- Re: Glibc Local Root Exploit Simon Cozens
- Re: Glibc Local Root Exploit Florian Weimer
- Re: Glibc Local Root Exploit Jeffrey Denton
