https://bugzilla.mindrot.org/show_bug.cgi?id=3428
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |WONTFIX CC| |[email protected] --- Comment #1 from Damien Miller <[email protected]> --- Sorry, but this has been discussed extensively in the past (e.g. this thread https://marc.info/?t=122641302700006&r=1&w=2) and we do not intend to make changes to ChrootDirectory permission requirements. The CVE you mention occurred because Redhat ignored this and patched their sshd to relax these requirements. It never affected the version of OpenSSH that we ship. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
