Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
Re: [suse-security] openssh-3.5p1-107 tunneling problems
  • From: John Andersen <jsa@xxxxxxxxxxxxxx>
  • Date: Thu, 25 Sep 2003 00:11:12 -0800
  • Message-id: <200309250011.12107.jsa@xxxxxxxxxxxxxx>
On Wednesday 24 September 2003 04:00, Armin Schoech wrote:
> But the default with the new rpm is that priviledge separation is
> disabled, i.d. the process handling the socket and taking care of the
> tunneling is running as root.

Was this designed this way? and Is there a reason for it?
It looks like a major security screw-up to me...
--
_____________________________________
John Andersen

< Previous Next >
References