Pedro Margate said the following on Wed, Jan 10, 2001 at 01:40:39PM -0500, > The implementations of ssh that I'm familiar with (ssh and OpenSSH) > install the ssh binary as suid root by default. This can be disabled > during configuration or after the fact with chmod. I believe that would > prevent this exploit from operating. I've turned off the suid bit on > every ssh installation I've performed and it seems to work the same. I'm > not sure what reason ssh has to be suid root, nobody I've asked has any > idea. If you have the following options set in ssh_config RhostsAuthentication yes RhostsRSAAuthentication yes UsePrivilegedPort yes then ssh will connect from a privileged port, which requires root privileges. Jerry Connolly, Eircom.net CIRT -- ejrry^[bxpZZ
- Glibc Local Root Exploit Charles Stevenson
- Re: Glibc Local Root Exploit Ben Collins
- Re: Glibc Local Root Exploit Thomas T. Veldhouse
- Re: Glibc Local Root Exploit Pedro Margate
- Re: Glibc Local Root Exploit Ari Saastamoinen
- Re: Glibc Local Root Exploit Matt Zimmerman
- Re: Glibc Local Root Exploit Andrew Bartlett
- Re: Glibc Local Root Exploit Gordon Messmer
- Re: Glibc Local Root Exploit Jerry Connolly
- Re: Glibc Local Root Exploit Philip Rowlands
- Veritas BackupExec (remote DoS) oh3mqu+bugtraq
- Re: Glibc Local Root Exploit Digital Overdrive
- Re: Glibc Local Root Exploit Michal Zalewski
- Re: Glibc Local Root Exploit Joe
- Re: Glibc Local Root Exploit Digital Overdrive
- Re: Glibc Local Root Exploit Brian
- Re: Glibc Local Root Exploit Ben Greenbaum
- Re: Glibc Local Root Exploit Simon Cozens
- Re: Glibc Local Root Exploit Florian Weimer
