https://bugzilla.mindrot.org/show_bug.cgi?id=1733

--- Comment #18 from Philip Prindeville <phil...@redfish-solutions.com>  ---
(In reply to comment #16)

> In the end, there's no sense having a setting which provides no
> security whatsoever (but looks like it does). If a user is malicious,
> they can compile their own ssh client with the settings they want and
> bypass your config anyways. Since the kernel doesn't enforce any
> privileges on the setting of the DSCP markings, you shouldn't either.
> Thus it only makes sense to provide a configurable default.

This is a specious argument.

Look at the man page for libresolv.

The path to /etc/resolv.conf is hardwired in the binary, and that file
isn't writable by users.

Yes, users could link against their own version of libresolv, but what
would be the point?  They'd just be opening themselves to pointing to
the wrong server, an unreliable server, or perhaps even a server that's
been compromised and exposes them to DNS-based exploits.

Similarly, there's no interest in having users have their own binaries
for ssh that can inject packets with detrimental QoS markings, because
they will be making things worse for themselves in the end.  And
there's no interest in users having their own QoS settings just as
there's no interest in their having their own /etc/resolv.conf file.

Yes, you can do it... but why?  What does it really get you?

_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
