Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: ssh quirks...

Re: ssh quirks...

From: C.J. Oster <lordvadr_at_POBOX.COM>
Date: Mon, 27 Dec 1999 13:28:26 -0600

It's not so much sandard behavior, but sshd's unability to chdir into
$HOME. Why it doesn't let you log in is beyond me, but any other login
method will at least complain if you did something like 'chmod 700 /home'.
My ssh 2.0.10 under linux does not have this problem.

-CJO-

On Mon, 27 Dec 1999, Scott D. Yelich wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>On Mon, 27 Dec 1999, Ryan Permeh wrote:
>> This is standard unix behaviour. if a user's home directory path isn't
>> readable by that user, they can't access it. typically the /home dir should
>> be world readable as should the / dir. home directories can be any
>> permissions a user wants and should be owned by the user themselves.
>> Ryan
>
>Hello, moderator?
>
>Your statements are simply not correct... and it's not the job of each
>and every application to inflict upon the system its opinion of what
>"standard unix behaviour" should be. Just imagine if this were the case
>and you had 15 different apps each thinking the "standard unix
>behaviour" was something different -- or worse, something completely
>contradictory.
>
>I'm not sure discussing "Standard unix behaviour" would be productive
>here...
>
>Sorry.
>
>Scott
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>
>iQCVAwUBOGefoh4PLs9vCOqdAQE1tAP/drX8ikZo16OOq0DueHkpV9BVu+Qt2bpd
>bTwuL2loRad80B4AbCR2ulXBM8Ou+LPsROJ1tydZqt5G/59CQyX2eik7UnWrRSwX
>51t6tBu1hsxNAU0QVdJTf3fJTVczuiuSYRJsZr1xzW1NTEOHt0LocMe1EdJns6W1
>WX+uLnZAMYc=
>=iVUC
>-----END PGP SIGNATURE-----
>
>

             C.J. Oster (Linux Guru/Surge Addict) cjo_at_pobox.com
   ----------------------------------------------------------------------
          Network Security Manager Unix System Administrator
             For BHNet, Bromley Hall WSG, CCSO, UIUC
          Hoover and Associates oster_at_uiuc.edu
          security_at_bromleygroup.com (217)265-8427
   ----------------------------------------------------------------------

         PGP: 87D5 4216 43A1 42D6 754D 8F5E 24B3 992A B7A1 F556

      Tuition: n. The way you screw your self out of something you
      really want, need, like, or enjoy to learn a simple lesson.
Received on Dec 27 1999

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos