by mail.netbsd.org with SMTP; 19 Oct 2000 02:38:18 -0000
	by noc.untraceable.net (8.11.1/8.11.1/bonk!) id e9J2cAK06368
	for tech-security@netbsd.org; Wed, 18 Oct 2000 22:38:10 -0400 (EDT)
Date: Wed, 18 Oct 2000 22:38:10 -0400
From: Andrew Brown <atatat@atatdot.net>
To: NetBSD Security Technical Discussion List <tech-security@netbsd.org>
Subject: Re: setuid ssh
Message-ID: <20001018223810.A6338@noc.untraceable.net>
Reply-To: Andrew Brown <atatat@atatdot.net>
References: <atatat@atatdot.net> <20001018142031.6072B2A2A@orchard.arlington.ma.us> <20001018102640.A293@noc.untraceable.net> <20001018161255.7D8CF4@proven.weird.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20001018161255.7D8CF4@proven.weird.com>; from woods@weird.com on Wed, Oct 18, 2000 at 12:12:55PM -0400
Return-Receipt-To: receipts@daemon.org

>That's easy.  Put something like this in the target user's
>~/.ssh/authorised_keys.  Replace the zeros with originating user's
>public key (~/.ssh/identity.pub).  Make sure the the target user has a
>login of /sbin/nologin.  Oh, and fix your sshd to properly use /bin/sh
>when executing "command=".  Patch to 1.2.27 available from:
>
>	ftp://ftp.weird.com/pub/local/ssh-1.2.27.planix.2-Patch

that's a rather weighty patch...not one i'd feel comfortable (or the
inclination of) installing on a lot of machines.

and "properly use /bin/sh when executing" is wrong.  plain wrong.  it
should be using *my* shell.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."