[OpenAFS-devel] Re: OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos

Dean Anderson dean@av8.com
Tue, 27 Jan 2004 18:54:40 -0500 (EST)


Really?  Is there any links to what was avoided?  I'd like to look at
these in detail before I concede that anything of values has been
demonstrated.  I've heard these claims before, but I could not find any 
substantiating details---the claims are dubious at best.

		--Dean

On Tue, 27 Jan 2004, Damien Miller wrote:

> Dean Anderson wrote:
> > Right. And there is an easy solution: Turn off Privsep.  A process that
> > creates new user sessions needs root privileges, and those privileges
> > cannot be given away prematurely to "improve security".  Privsep is just a
> > stupid idea for some programs.  Probably for most programs...
> 
> Privsep has avoided the last two real security problems found in
> portable OpenSSH, and others before that. The security gain has
> already been demonstrated.
> 
> -d
>