Hi Rick, > privilege separation was an issue that caused root compromise, IIRC. It was > one of the last vulnerabilities of SSH.
That's not entirely correct, but you're right that privilege separation was involved - as a work around which can limit the impact of a compromise of OpenSSH. Some background info: Usually the entire SSHd daemon runs as user root. So if someone manages to exploit SSH, then he can gain root access. With privilege separation only a small portion of SSHd runs with root permissions, while the majority of code runs with lesser privileges. It'll not stop exploits, but could manage to lessen the impact of exploits as an attacker will not end up with root access right away. Privilege separation is a rather new feature in OpenSSH and it came up with release 3.3, but still had a few shortcommings back then. In the popular (and most recent) OpenSSH PKG packages for the Cobalt's privilege separation is enabled by default. -- With best regards, Michael Stauber _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
