Dailydave mailing list archives

Re: PrivSep
From: Damien Miller <djm () mindrot org>
Date: Thu, 21 Jun 2007 09:50:30 +1000 (EST)

On Wed, 20 Jun 2007, Sebastian Krahmer wrote:

> Honestly, if someone owns your PrivSep'ed sshd remotely; with all the
> kernel exploits once in a while; will this really protect you?

No, and Niels' original privsep paper made this quite clear. It does
reduce the risk a little: an attacker who has gained control over the
unprivileged process sees a smaller system attack surface than one 
who can open random /dev nodes, exec() setuid binaries, etc.

> It rather adds a complexity which leads to comments such as
> 'Fix a bug in the sshd privilege separation monitor that weakened its
> verification of successful authentication. ...' in the ChangeLog.

Actually, it was item #1 on openssh-4.5's release notes and clearly
marked as a security bug - not buried in a Changelog.

-d
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave



Current thread:
  • PrivSep Sebastian Krahmer (Jun 19)
    • Re: PrivSep Darren Spruell (Jun 20)
      • Re: PrivSep Sebastian Krahmer (Jun 20)
        • Re: PrivSep Damien Miller (Jun 20)