Re: defense-in-depth possible for sshd?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



From: Bennett Haselton <bennett@xxxxxxxxxxxxx>

> On 1/10/2012 5:16 AM, John Doe wrote:
>>  The sshd child is running as bob; so it has bob (and not root) rights...
> 
> Yes, I understand that.  What I said was that if you could take complete 
> control of the sshd process you were connecting to, even if that process 
> was completely unprivileged, you could still make it say "Accept a login 
> from 'root' with password 'foo'" and then log in as root.

How would your bob owned child sshd take complete control of the 
parent root owned sshd...?

JD
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux