Subject: Re: setuid ssh
To: Curt Sampson <cjs@cynic.net>
From: Andrew Brown <atatat@atatdot.net>
List: tech-security
Date: 10/19/2000 11:15:16
Date: Thu, 19 Oct 2000 11:15:16 -0400
From: Andrew Brown <atatat@atatdot.net>
To: Curt Sampson <cjs@cynic.net>
Cc: tech-security@netbsd.org,
   Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>,
   Manuel Bouyer <bouyer@antioche.lip6.fr>, Jason R Thorpe <thorpej@zembu.com>
Subject: Re: setuid ssh
Message-ID: <20001019111516.A15900@noc.untraceable.net>
Reply-To: Andrew Brown <atatat@atatdot.net>
References: <20001018135225.A7705@antioche.lip6.fr> <Pine.NEB.4.21.0010181440492.6544-100000@agnostic.union.cynic.net>
In-Reply-To: <Pine.NEB.4.21.0010181440492.6544-100000@agnostic.union.cynic.net>; from cjs@cynic.net on Thu, Oct 19, 2000 at 08:40:47AM -0400

>> as long as you don't copy that key anywhere.  sure, that key can
>> *only* be used to log into the backup server, but from *anywhere*.
>
>If you don't like that property, then don't allow that key to be
>used from anywhere. You just need to put `from="foo.bar.com"' in
>front of the key in authorized_hosts. I have scripts that allow a
>fairly secure backup to be done to a remote host that trusts the
>one sending the backup only to write a new file (not overwrite
>current files) in a certain directory; e-mail me if you want details
>on this. As far as I can tell, the worst attack that it's open to
>is a DoS attack that fills up that partition.

now that people have mentioned this, i went to look it up, and i see
it.  hmm...i *suppose* i could suborn this to my purposes...

is that an openssh thing as well?

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."
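The restricted-backup scheme Curt describes above (key usable only from one host, only able to create new files in one directory) maps directly onto the per-key options OpenSSH reads from the front of a line in ~/.ssh/authorized_keys: `from=` pins the source host, `command=` forces a fixed program regardless of what the client asked for, and the `no-*` options turn off forwarding and PTY allocation. What follows is an added example written for this page, not Curt's scripts and not code from the thread: a POSIX sh receiver that implements the "new file only, never overwrite" rule with the shell's noclobber mode, plus a helper that emits the matching authorized_keys line. The host name, install path, incoming directory and the `put <filename>` wire protocol are placeholders.

```shell
#!/bin/sh
# Added example (not from the original thread): forced-command receiver for a
# backup key that may only create new files in one directory, plus the
# authorized_keys line that binds the key to one client host and this command.
# All host names, paths and the "put <filename>" convention are placeholders.

# Build the authorized_keys entry for the backup client's public key.
#   $1 = host/IP pattern for from=   $2 = absolute path of this script on the server
#   $3 = incoming directory          $4 = the public key text ("ssh-rsa AAAA... comment")
# from= is matched against the client's address and its reverse-resolved name,
# so an IP pattern is harder to spoof than a host name.
authorized_keys_line() {
    printf 'from="%s",command="%s %s",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty %s\n' \
        "$1" "$2" "$3" "$4"
}

# Receive one backup from stdin into $1/<name>, where <name> is $2.
# Rejects anything but a plain filename and refuses to overwrite an existing file.
receive_backup() {
    dir=$1
    name=$2
    case $name in
        ''|*/*|.*|*[!A-Za-z0-9._-]*)   # no paths, no dotfiles, no odd characters
            echo "receive_backup: rejected filename" >&2
            return 1 ;;
    esac
    [ -d "$dir" ] || { echo "receive_backup: no such directory $dir" >&2; return 1; }
    # set -C (noclobber) makes the redirection fail instead of truncating an
    # existing file; bash implements it with O_EXCL, so test and create are one
    # step. A holder of the key can therefore add backups but not replace them.
    ( set -C; umask 077; cat > "$dir/$name" ) 2>/dev/null || {
        echo "receive_backup: refusing to overwrite $dir/$name" >&2
        return 1
    }
    return 0
}

# Entry point when sshd runs this as the forced command: whatever the client
# actually typed arrives in SSH_ORIGINAL_COMMAND, e.g. "put host-2000-10-19.tar.gz".
# Anything other than exactly "put <name>" is refused.
handle_ssh_command() {
    dir=$1
    set -f                               # no globbing while we split the request
    set -- ${SSH_ORIGINAL_COMMAND:-}
    set +f
    if [ "$#" -ne 2 ] || [ "$1" != put ]; then
        echo "usage: put <filename>" >&2
        return 1
    fi
    receive_backup "$dir" "$2"
}

# Only act when invoked by sshd with the incoming directory as argument;
# when sourced for inspection or testing nothing below runs.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ] && [ -n "${1:-}" ]; then
    handle_ssh_command "$1" || exit 1
fi
```

On the server the key line would be produced once with `authorized_keys_line 'backup-client.example.org' /usr/local/sbin/receive-backup /var/backups/incoming "$(cat client.pub)"` and appended to the backup account's authorized_keys; the client then runs `ssh backup@server put name.tar.gz < name.tar.gz`. The denial-of-service Curt mentions (filling the partition) is untouched by this, so the incoming directory belongs on its own filesystem or under a quota.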