10 Jan
2012
10 Jan
'12
1:55 p.m.
On Tue, Jan 10, 2012 at 2:49 PM, John Doe jdmls@yahoo.com wrote:
From: Bennett Haselton bennett@peacefire.org
On 1/10/2012 5:16 AM, John Doe wrote:
The sshd child is running as bob; so it has bob (and not root)
rights...
Yes, I understand that. What I said was that if you could take complete control of the sshd process you were connecting to, even if that process was completely unprivileged, you could still make it say "Accept a login from 'root' with password 'foo'" and then log in as root.
How would your bob owned child sshd take complete control of the parent root owned sshd...?
JD
Or, if you simply WANT more layers, then deploy defense-in-depth in FRONT of sshd. VPN or port-knocking springs to mind
BR Bent