Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Kruskal
Wichert Akkerman [EMAIL PROTECTED] writes: Debian Security Advisory DSA-134-2 [EMAIL PROTECTED] http://www.debian.org/security/ Wichert Akkerman June 25, 2002

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Mark Janssen
On Tue, 2002-06-25 at 15:57, Kruskal wrote: Has anyone applied this update yet? I did so on a potato box, enabled priv separation in the sshd config file and restarted sshd. I saw that a user called sshd was created. However, when I ssh'ed in, I didn't see any processes owned by sshd. In

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Francois Bayart
I have preferred to wait for a real bugfix, and while waiting I have installed telnetd-ssl and blocked all ssh traffic in the firewalls On Tue, 2002-06-25 at 15:57, Kruskal wrote: Wichert Akkerman [EMAIL PROTECTED] writes:

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Raymond Wood
On Tue, Jun 25, 2002 at 02:37:12PM +0200, Wichert Akkerman remarked: -BEGIN PGP SIGNED MESSAGE- - Debian Security Advisory DSA-134-2 [EMAIL PROTECTED] http://www.debian.org/security/

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread kruskal
Mark Janssen [EMAIL PROTECTED] writes: On Tue, 2002-06-25 at 15:57, Kruskal wrote: Has anyone applied this update yet? I did so on a potato box, enabled priv separation in the sshd config file and restarted sshd. I saw that a user called sshd was created. However, when I ssh'ed in, I

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Stephen Gran
This one time, at band camp, Raymond Wood said: Potato and Woody are both patched then. What is the recommended course of action for those running Sid? Should Sid users install the Woody patch, or is this a bad idea? Thanks for all the hard work Debian Security people! Cheers, Raymond

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Rob Andrews
[Raymond Wood wrote in newsgate.debian.security] Potato and Woody are both patched then. What is the recommended course of action for those running Sid? Should Sid users install the Woody patch, or is this a bad idea? Personally, I've dist-upgraded all woody and sid boxen I have, the sid

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Tycho Fruru
On Tue, 2002-06-25 at 16:50, Rob Andrews wrote: [Raymond Wood wrote in newsgate.debian.security] Potato and Woody are both patched then. What is the recommended course of action for those running Sid? Should Sid users install the Woody patch, or is this a bad idea? Personally, I've

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Mark Janssen
On Tue, 2002-06-25 at 18:27, Tycho Fruru wrote: In the recommended config it would be something like /var/empty, not writable by the sshd user. I don't have a system handy to verify whether the package does the right thing here though. The debian package chroots to the empty and root:root

Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability

2002-06-25 Thread Alain Tesio
On Tue, 25 Jun 2002 14:50:30 + (UTC) Rob Andrews [EMAIL PROTECTED] wrote: Oh, the package created an 'sshd' user, and set its homedir to $HOMEDIRS/sshd, but didn't create the homedir itself. Since there isn't any PoC code to test this with, I don't know how the chroot will end up.