|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Cisco says attacks are due to operational practices
Also, I believe ssh won't do this if you remove the suid bit (which is probably a good idea anyway). --Adam On Sat, Feb 12, 2000 at 03:07:25AM +0800, [email protected] wrote: > Its not a bug, its a leftover from rsh days - if the connection originates > from a port below 1024, you could assume *cough* that the credentials the > connection supplies are authentic, since the process needs to be root to > bind to ports < 1024. > > This isn't a "but thats flawed!" discussion seed, take that to bugtraq. > > There's a flag to ssh somewhere to stop it doing that. Yup, -P . > > Adrian
|