by redmail.netbsd.org with SMTP; 4 Nov 1999 10:00:12 -0000
	by gwa2.fe.bosch.de (8.9.1/8.9.1) id KAA16527
	for <tech-security@netbsd.org>; Thu, 4 Nov 1999 10:48:41 +0100 (MET)
	id xma015821; Thu, 4 Nov 99 10:47:28 +0100
          (Netscape Messaging Server 3.0)  with ESMTP id AAA21452
          for <tech-security@netbsd.org>; Thu, 4 Nov 1999 10:59:22 +0100
	by gorgo.bk.bosch.de (8.9.1b+Sun/8.9.1) with ESMTP id KAA10326
	for <tech-security@netbsd.org>; Thu, 4 Nov 1999 10:59:21 +0100 (MET)
Message-ID: <382158F9.2BBABA1F@bosch.com>
Date: Thu, 04 Nov 1999 10:59:21 +0100
From: Guenther Grau <Guenther.Grau@bosch.com>
Organization: Bosch Telecom Software Systeme
MIME-Version: 1.0
To: tech-security@netbsd.org
Subject: Re: evil? sshd patch
References: <199911031757.MAA15974@Twig.Rodents.Montreal.QC.CA>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

der Mouse wrote:
> 
> >>> or do you know someone who changed the root uid as well?  :)
> >> I don't think that's possible.
> > sure it is.  all you have to do is [...].  it's just the amount of
> > work that's involved that's monumental.
> 
> :-)
> 
> > oh, and you'd probably have a lot of trouble interoperating with
> > other systems.  :)
> 
> Why?  I can't see how this would cause any interoperability problems.
> Or do you know of some wire protocols that care about what UIDs may be
> given special powers?

Yes, NFS, for example. It maps userid 0 to anon-userid by
default.

  Guenther