by redmail.netbsd.org with SMTP; 4 Nov 1999 17:54:54 -0000
	by pzero.sandelman.ottawa.on.ca (8.8.8/8.8.8) with ESMTP id MAA00964;
	Thu, 4 Nov 1999 12:43:40 -0500 (EST)
Message-Id: <199911041743.MAA00964@pzero.sandelman.ottawa.on.ca>
To: Andrew Brown <atatat@atatdot.net>
cc: der Mouse <mouse@rodents.montreal.qc.ca>, tech-security@netbsd.org
Subject: Re: evil? sshd patch 
In-reply-to: Your message of "Wed, 03 Nov 1999 17:26:16 EST."
             <19991103172616.A25920@noc.untraceable.net> 
Mime-Version: 1.0 (generated by tm-edit 7.108)
Content-Type: text/plain; charset=US-ASCII
Date: Thu, 04 Nov 1999 12:43:30 -0500
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>


>>>>> "Andrew" == Andrew Brown <atatat@atatdot.net> writes:
    >>> while i understand your point (doing accounting and stuff, blah blah
    >>> blah) it really won't make much difference here, will it?
    >> 
    >> It may.  I may have multiple superuser logins, some of which are
    >> captive in various ways; I need to specify, then, which one has "allow
    >> ssh as anyone" power.

    Andrew> root is root (meaning uid zero here, of course).  root cannot be made
    Andrew> a captive.  unless you've done something that you haven't told us
    Andrew> about.

shutdown:*:0:30:Shutdown account:/pzero/shutdown:/sbin/haltp

] Train travel features AC outlets with no take-off restrictions|  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [