Re: F-SECURE /usr/local/sbin/sshd
From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 12/18/03
- Previous message: ian maclure: "Re: no password ssh to accounts sharing NFS'd HOME"
- In reply to: all mail refused: "F-SECURE /usr/local/sbin/sshd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 18 Dec 2003 08:45:27 GMT
In article <slrnbu1is9.8rd.elvis@notatla.org.uk>,
all mail refused <elvis@notatla.org.uk> wrote:
>What's the correct filemode for this binary ? I searched the web.
>I've seen one installed as -rws--x--x root sys and I hope that's a mistake.
>It's version 1.3.6, not that it probably matters.
I can't see any reason why sshd would need to be setuid. Some versions
of ssh needed to be setuid/setgid as they needed to read private host
keys, so perhaps this was done in error. 0755 (or 0500 if you're
paranoid) would seem right.
>Also CAN-2001-0144 mentions F-SECURE sharing some problems with other SSH
>implementations - no big surprise given the common code origins. What's
>the truth of the assertion that they do not suffer from the September 2003
>problems ? Any test results available either way ?
Which September 2003 problems are you referring to? CAN-2003-0693?
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- Previous message: ian maclure: "Re: no password ssh to accounts sharing NFS'd HOME"
- In reply to: all mail refused: "F-SECURE /usr/local/sbin/sshd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
