[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Upcoming OpenSSH vulnerability

To: Marco Radzinschi <marco@radzinschi.com>
Subject: Re: Upcoming OpenSSH vulnerability
From: jolan <jolan@enteract.com>
Date: Tue, 25 Jun 2002 22:50:41 -0500 (CDT)
Cc: <misc@openbsd.org>

> I don't have the patience to patch OpenSSH and re-patch it again next
> week, so I think I'll just have pf block port 22. :-)

you're missing the point.

you don't have to patch it next week if you enable privsep.

and hopefully, you will never have to patch it ever again for holes.

and you're not patching, you're upgrading and enabling privsep.

patching comes when the vulnerability and patches are announced to the
world. (which will hopefully all be using privsep anyway, and if not,
then when another remote root hole is discovered, the people who didn't
incorporate privsep will be laughed at in a hysterical manner)

- jolan

References:
- Re: Upcoming OpenSSH vulnerability
  - From: Marco Radzinschi <marco@radzinschi.com>

Prev by Date: openssh 3.3p on OpenBSD 3.0+errata
Next by Date: Re: Compaq Smart Array 532
Prev by thread: Re: Upcoming OpenSSH vulnerability
Next by thread: Re: Upcoming OpenSSH vulnerability
Index(es):
- Date
- Thread