Re: Security Update from MAC breaks ssh -X

To:	William Ahern <william@25thandClement.com>
Subject:	Re: Security Update from MAC breaks ssh -X
From:	Damien Miller <djm@mindrot.org>
Date:	Tue, 20 Mar 2007 10:32:48 +1100 (EST)
Cc:	openssh-unix-dev@mindrot.org
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	openssh-unix-dev-list1@securepoint.com
Delivered-to:	openssh-unix-dev-tmda@mindrot.org
Delivered-to:	openssh-unix-dev@mindrot.org
In-reply-to:	<20070319232648.GA15156@wilbur.25thandClement.com>
List-archive:	<http://lists.mindrot.org/pipermail/openssh-unix-dev>
List-help:	<mailto:openssh-unix-dev-request@mindrot.org?subject=help>
List-id:	Development of portable OpenSSH <openssh-unix-dev.mindrot.org>
List-post:	<mailto:openssh-unix-dev@mindrot.org>
List-subscribe:	<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=subscribe>
List-unsubscribe:	<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=unsubscribe>
References:	<22083437.1174322746@22gdellstarr.csb.musc.edu> <45FF0DED.7090402@zip.com.au> <20070319232648.GA15156@wilbur.25thandClement.com>
Sender:	openssh-unix-dev-bounces+openssh-unix-dev-list1=securepoint.com@mindrot.org

To:

William Ahern <william@25thandClement.com>

Subject:

Re: Security Update from MAC breaks ssh -X

From:

Damien Miller <djm@mindrot.org>

Date:

Tue, 20 Mar 2007 10:32:48 +1100 (EST)

Cc:

openssh-unix-dev@mindrot.org

Delivered-to:

sp-com-lists@consult.net

Delivered-to:

openssh-unix-dev-list1@securepoint.com

Delivered-to:

openssh-unix-dev-tmda@mindrot.org

Delivered-to:

openssh-unix-dev@mindrot.org

In-reply-to:

<20070319232648.GA15156@wilbur.25thandClement.com>

List-archive:

<http://lists.mindrot.org/pipermail/openssh-unix-dev>

List-help:

<mailto:openssh-unix-dev-request@mindrot.org?subject=help>

List-id:

Development of portable OpenSSH <openssh-unix-dev.mindrot.org>

List-post:

<mailto:openssh-unix-dev@mindrot.org>

List-subscribe:

<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=subscribe>

List-unsubscribe:

<http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=unsubscribe>

References:

<22083437.1174322746@22gdellstarr.csb.musc.edu> <45FF0DED.7090402@zip.com.au> <20070319232648.GA15156@wilbur.25thandClement.com>

Sender:

openssh-unix-dev-bounces+openssh-unix-dev-list1=securepoint.com@mindrot.org

On Mon, 19 Mar 2007, William Ahern wrote:

> On Tue, Mar 20, 2007 at 09:25:49AM +1100, Darren Tucker wrote:
> > This has been the default for years, I don't know why you're only seeing 
> > problems now (unless Apple used to change the default in their packages 
> > and now don't?)
> 
> For one thing, Apple hasn't updated their version of OpenSSH for years.
> Which patches they backport is anyone's guess. They certainly haven't
> backported control socket mastering.

... and I don't recall them having contributed anything back either.

Apple ship patches on top of OpenSSH that change its behaviour in
other ways too. I just compile my own OpenSSH on for OS X and use that,
this way I get a recent and well-behaved version.

-d

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

<Prev in Thread]	Current Thread	[Next in Thread>
Security Update from MAC breaks ssh -X, Starr Hazard Re: Security Update from MAC breaks ssh -X, Darren Tucker Re: Security Update from MAC breaks ssh -X, William Ahern Re: Security Update from MAC breaks ssh -X, Damien Miller <= Re: Security Update from MAC breaks ssh -X, John Davidorff Pell Re: Security Update from MAC breaks ssh -X, Marc Aurele La France

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: Security Update from MAC breaks ssh -X, William Ahern
Next by Date:	Re: Security Update from MAC breaks ssh -X, Marc Aurele La France
Previous by Thread:	Re: Security Update from MAC breaks ssh -X, William Ahern
Next by Thread:	Re: Security Update from MAC breaks ssh -X, John Davidorff Pell
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: Security Update from MAC breaks ssh -X, William Ahern

Next by Date:

Re: Security Update from MAC breaks ssh -X, Marc Aurele La France

Previous by Thread:

Re: Security Update from MAC breaks ssh -X, William Ahern

Next by Thread:

Re: Security Update from MAC breaks ssh -X, John Davidorff Pell

Indexes:

[Date] [Thread] [Top] [All Lists]