This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [ANNOUNCEMENT] Updated: OpenSSH-3.5p1-1

From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
To: cygwin at cygwin dot com
Date: Fri, 8 Nov 2002 15:28:10 +0100
Subject: Re: [ANNOUNCEMENT] Updated: OpenSSH-3.5p1-1
References: <F134oznxWrwjvzWvTlt000010f3@hotmail.com>
Reply-to: cygwin at cygwin dot com

On Thu, Nov 07, 2002 at 09:23:30AM -0800, Karl M wrote:
> The behavior I see now is that if I do
> 
> chown administrators.none /etc/ssh_host_rsa_key*
> chmod 777 /etc/ssh_host_rsa_key*
> 
> Then with StrictModes enabled, sshd will start and run just fine (running as 
> 
> system). But if I then do
> 
> chown system.none /etc/ssh_host_rsa_key*
> 
> Then sshd fails to start. But I (think I) recall that in the past the 
> protection had to be tight and the owner had to be system for sshd to start? 

I checked that and could reproduce it.  I talked to one of the OpenSSH
maintainers and he confirmed that behaviour as normal.  From my point
of view it's a security weakness but...

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

References:
- Re: [ANNOUNCEMENT] Updated: OpenSSH-3.5p1-1
  - From: Karl M

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]