Re: OpenSSH Security Advisory: xauth command injection

Nico Kadel-Garcia <nkadel@xxxxxxxxx> writes:
> Dag-Erling Smørgrav <des@xxxxxx> writes:
> > Some OS distributions (FreeBSD, RHEL / CentOS, probably Fedora) have
> > X11Forwarding enabled by default.
> I'm not sure I see your point.

With X11Forwarding off by default, one would assume that it is only
enabled on a case-by-case basis for users or groups who already have the
necessary privileges to run arbitrary code on the server and therefore
have nothing to gain from exploiting this bug.  With X11Forwarding on by
default, it might remain enabled for e.g. gitolite users.

DES
-- 
Dag-Erling Smørgrav - des@xxxxxx
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
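
An added audit example, not part of the original thread and not OpenSSH or gitolite code: on a server where X11Forwarding is on, the per-key control for forced-command accounts like the ones discussed above is the authorized_keys option list. This sketch flags forced-command keys that still permit X11 forwarding. The function names, the key-type prefix list and the sample file are assumptions constructed for illustration.

```python
KEY_TYPES = ("ssh-", "ecdsa-", "sk-")  # assumed prefixes of public key type names

def parse_options(line):
    """Options of one authorized_keys line ([] if the line has none).
    The field ends at the first space outside double quotes."""
    if line.startswith(KEY_TYPES):
        return []
    opts, cur, quoted, i = [], "", False, 0
    while i < len(line) and (quoted or line[i] not in " \t"):
        ch = line[i]
        if quoted and ch == "\\" and i + 1 < len(line):
            cur, i = cur + line[i:i + 2], i + 2  # keep escaped char, e.g. \"
            continue
        if ch == '"':
            quoted = not quoted
        if ch == "," and not quoted:
            opts, cur = opts + [cur], ""
        else:
            cur += ch
        i += 1
    return opts + [cur]

def forced_command_keys_with_x11(authorized_keys):
    """Line numbers of forced-command keys that still permit X11 forwarding.
    Options apply in order: restrict / no-X11-forwarding deny, X11-forwarding allows."""
    hits = []
    for n, line in enumerate(authorized_keys.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        names = [o.lower() for o in parse_options(line)]  # keywords are case-insensitive
        allowed = True
        for name in names:
            if name in ("restrict", "no-x11-forwarding"):
                allowed = False
            elif name == "x11-forwarding":
                allowed = True
        if allowed and any(name.startswith("command=") for name in names):
            hits.append(n)
    return hits

# Constructed sample input (key blobs are placeholders, not real keys).
AUTHORIZED_KEYS = """\
command="/opt/hook alice, dev",no-port-forwarding,no-pty ssh-ed25519 AAAAplaceholder1 alice
command="/opt/hook bob",restrict ssh-ed25519 AAAAplaceholder2 bob
restrict,X11-forwarding,command="/opt/hook carol" ssh-ed25519 AAAAplaceholder3 carol
ssh-ed25519 AAAAplaceholder4 admin
"""
```

In the sample, lines 1 and 3 are reported: the first never disables X11 forwarding, and the third re-enables it after `restrict`.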



