[OpenAFS-devel] Re: OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos
Damien Miller
djm@mindrot.org
Tue, 27 Jan 2004 09:45:34 +1100
Dean Anderson wrote:
> Right. And there is an easy solution: Turn off Privsep. A process that
> creates new user sessions needs root privileges, and those privileges
> cannot be given away prematurely to "improve security". Privsep is just a
> stupid idea for some programs. Probably for most programs...
Privsep has avoided the last two real security problems found in
portable OpenSSH, and others before that. The security gain has
already been demonstrated.
-d