Lo, on Wednesday, June 26, Colin Watson did write:

> On Wed, Jun 26, 2002 at 03:39:49PM -0400, Reid Gilman wrote:
> > 3.4 contains bugfixes for a few problems I don't completely understand
> > but I believe that there was a bug that could allow root access.
>
> If you're running 3.3 with privilege separation enabled (as it is by
> default), most remote root exploits become remote exploits of the sshd
> user, which is considerably less serious.

So, I'm running ssh 3.3 as packaged for woody. I don't have UserPrivilegeSeparation turned off in any config files, but I still see the following:

[nanny-ogg:~]$ ps aux | grep [s]shd
root 268 0.0 0.2 2788 716 ? S 06:19 0:00 /usr/sbin/sshd

sshd is still running as root. Is this what I should be seeing? I would have thought, from the descriptions of privilege separation, that this process would be running as `sshd'. Or is there some other access-control mechanism going on here?

I'm also observing this on the 3 potato machines I administer as well, though of course they're running ssh version 3.3p1-0.0potato6.

> 3.4 added fixes for the real problems rather than just bandaging over
> them.

Any word on when 3.4 will be available as a .deb?

Richard