From: Tom Syroid (tom@SYROIDMANOR.COM)
Date: Tue Jun 25 2002 - 16:29:01 EDT
Oh NOW you tell me... ;-)
Thanks, Sandy. I've been trying to get Privilege Separation working on my
box all morning, and I was just about to pull out my remaining hair...
Best,
/tom
--On Tuesday, June 25, 2002 12:55 -0700 "Sandor W. Sklar"
<ssklar@STANFORD.EDU> wrote:
> Folks,
>
> For those AIXers who are unaware, it appears that, early next week,
> details of a root exploit in OpenSSH will be made public. The only
> suggested protection against this vulnerability is to upgrade to the
> recently released OpenSSH version 3.3.
>
> That release contains new functionality called "Privilege
> Separation"; unfortunately, PrivSep does not work on AIX in that
> release version. According to members of the openssh-unix-dev
> mailing list, the current CVS version of OpenSSH has a fix in it for
> the AIX problem.
>
> For more information about all of the above, I'd suggest checking out
> <http://www.openssh.com>; note that the webpage says that 3.4 will be
> out on Monday, but I'm assuming that is the OpenBSD-only release, not
> the portable one needed for AIX.
>
> -S-
> --
> Sandor W. Sklar - Unix Systems Administrator - Stanford University
> ITSS Non impediti ratione cogitationis.
> http://whippet.stanford.edu/~ssklar/
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:00 EDT