In the terminal room...

• Previous message (by thread): MBONE / NANOG 13
• Next message (by thread): Fwd: Re: $110,000 for Gated Source Code
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

People might want to be careful what binary you run in the terminal
room if you're using ssh (or whatever).  I happened to find
this today while using them (extra junk snipped):

% pwd
/usr/home/nanog
% ls -al ssh
-rwxr-xr-x  1 nanog  nanog  1218960 Jun  7 13:04 ssh
% ./ssh -v
SSH Version 1.2.22 [i386-unknown-freebsd2.2.6], protocol version 1.5.
Standard version.  Does not use RSAREF.
[snipped]
% which ssh
/usr/local/bin/ssh
% ls -al /usr/local/bin/ssh
lrwxrwxrwx  1 root  wheel  14 Jun  6 07:55 /usr/local/bin/ssh -> ../ssh/bin/ssh
% ls -al /usr/local/ssh/bin/ssh
lrwxrwxrwx  1 root  wheel  4 Jun  6 07:55 /usr/local/ssh/bin/ssh -> ssh1
% ls -al /usr/local/ssh/bin/ssh1
-rws--x--x  1 root  wheel  212952 May 20 09:20 /usr/local/ssh/bin/ssh1
% /usr/local/bin/ssh -v
SSH Version 1.2.23 [i386-unknown-freebsd2.2.6], protocol version 1.5.
Standard version.  Does not use RSAREF.
[snipped]

Dot isn't in the path on these boxes, but you still might want to be
careful anyway.  Perhaps someone just brought over their own ssh binary,
because they didn't trust the one here, or it could be something more
malicious.  I guess the moral of the story is to be careful about
what you run on these machines.

-jkk

-- 
Jim Klossner - jkk at frontiernet.net		http://www.frontiernet.net
"VMS is about as secure as a poodle encased in a block of lucite...
	...about as useful, too."	-wendigo at pobox.com

• Previous message (by thread): MBONE / NANOG 13
• Next message (by thread): Fwd: Re: $110,000 for Gated Source Code
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]