On Mon, 2002-09-16 at 17:48:42 -0400, Andrew Danforth wrote... ; During authentication, OpenSSH 3.4p1 with privsep enabled passes the ; cleartext password from the main process to the privsep child using a ; pipe. Using strace or truss, root can see the user's plaintext password ; flying by. I observed this behavior from OpenSSH 3.4p1 built using GCC on ; Solaris 2.8 and the current Debian OpenSSH 3.4p1 package. This appears to not happen on FreeBSD using the OpenSSH 3.4p1 source (not the FreeBSD distro). Also, it doesn't happen when using pub/priv key authentication, as far as I can tell. -#0
