httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject Re: pserver on taz?
Date Sun, 22 Jun 1997 13:06:09 GMT
sshd ain't gonna trust a client on a port >1023 for .rhosts now, is it?

On Sun, 22 Jun 1997, Ben Laurie wrote:

> Marc Slemko wrote:
> > 
> > On Sun, 22 Jun 1997, Ben Laurie wrote:
> > 
> > > Hmmm - fixed FreeBSD. In order to use ssh with CVS, I installed it (I'd been
> > > using it from the build directory, a bad habit of mine). Installing it made
it
> > > setuid root, which allowed it to set the local port to 1023, which meant my
> > > firewall blocked it. Removing the setuid bit fixed it. Why does it need
> > > setuid? I'm using 1.2.20, BTW.
> > 
> > ssh/sshd can do authorization based on .rhosts files if you allow them.
> > If it isn't setuid, it can't do that.  It also can't read the host's
> > private key.
> 
> Errr ... that's sshd, right? Why does ssh need it?
> 
> Cheers,
> 
> Ben.
> 
> -- 
> Ben Laurie                Phone: +44 (181) 994 6435  Email: ben@algroup.co.uk
> Freelance Consultant and  Fax:   +44 (181) 994 6472
> Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
> A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
> London, England.          Apache-SSL author
> 


Mime
View raw message