Slashdot Mirror

← Back to Stories (view on slashdot.org)

Separating OpenSSH's Privileges For Safety

Posted by timothy on from the making-a-list-checking-it-twice dept.

Niels Provos writes: "Even though I should be working on my disseration proposal right now, I got side tracked with a little project. Markus and I have been working on a 'Privilege Separated OpenSSH.' The basic idea is that OpenSSH starts two processes, one privileged and one unprivileged. The unprivileged process deals with all the network data processing, while the privileged process monitors and decides if authentication was successful. This reduces the impact that bugs in for example third party libraries can have on OpenSSH. We hope that any privilege escalation will not be possible any more in the future." This privilege separation should show up in future versions of OpenSSH, including the portable version.

1 of 16 comments (clear)

  1. If it aint broke... by b_pretender · · Score: 0, Troll

    ...then don't fix it!!