Re: [CentOS] defense-in-depth possible for sshd?

10 Jan 2012


      From: Bennett Haselton bennett@peacefire.org
...
On 1/10/2012 5:16 AM, John Doe wrote:
...
The sshd child is running as bob; so it has bob (and not root) rights...
Yes, I understand that.  What I said was that if you could take complete 
control of the sshd process you were connecting to, even if that process 
was completely unprivileged, you could still make it say "Accept a login 
from 'root' with password 'foo'" and then log in as root.
How would your bob owned child sshd take complete control of the 
parent root owned sshd...?
JD

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] defense-in-depth possible for sshd?