Re: SSH revised
From: Lluis
Subject: Re: SSH revised
Date: Wed, 29 Mar 2006 00:07:39 +0200
User-agent: Mutt-ng devel-r782 (based on Mutt 1.5.11/2005-09-15)
On Tue, Mar 28, 2006 at 08:07:42PM +0200, Bas Wijnen delighted us with the
following words:
> On Tue, Mar 28, 2006 at 03:54:06PM +0200, Lluis wrote:
>> But... a cap. to a network connection makes any non-TCB code untrusted,
>
> I think you mean unconfined, not untrusted.
err... I don't know the exact definition of both, but what I meant to say
is that a networked (unconfined) non-TCB code can't be trusted... isn't
this right?
and any networked code would be unconfined, be it part of the TCB or
not... well, not exactly, but... :)
>> right?
>
> In general, yes, but in this case, no. The system accepts a connection from
> the network. It then starts this confined program with access to the host
> keys. It gives that program a capability to the user ssh server and to the
> socket for the network connection. Both sides of the connection need to be
> trusted (and they check this using some authentication mechanism such as
> public key authentication). The "confined" program can then talk to the user
> program, or the remote side, both of which are trusted.
>
> There are other problems when the program is taken over, though. First, the
> user (and if you're unlucky, anyone) can retrieve the host keys by taking over
> the program. Second, the program can start sending plain-text stuff to the
> network. The remote side will of course reject all this, but someone sniffing
> the network can still read it all. Actually, the remote side will likely not
> reject it, because it is the one who took over the program. That is, it is a
> system service, so it wasn't written to be malicious, so it can only do
> malicious things if it is taken over while running. This is because a new
> connection will get a new instance of the program, so taking over one ssh
> connection does not give you access to any other connection. Is this still
> understandable?
crystal clear :)
Regards,
Lluis
--
"And it's much the same thing with knowledge, for whenever you learn
something new, the whole world becomes that much richer."
-- The Princess of Pure Reason, as told by Norton Juster in The Phantom
Tollbooth
Listening: Symphony X (The Divine Wings Of Tragedy) - 03.
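The per-connection design Bas describes above (a fresh confined instance per connection, holding only the host keys, the user's ssh server and its own socket) can be checked with a small object-capability reachability walk. This is an added illustration, not code from the thread or from the Hurd project; the `Cap`, `System` and `reachable` names are my own, and the model ignores everything except which references each instance holds.

```python
"""Toy object-capability model of the per-connection SSH handler design.

Each accepted connection spawns a new handler that is handed exactly three
capabilities. `reachable` computes the transitive closure of references from
one handler, i.e. everything an attacker who takes over that instance could
touch. The result shows the blast radius is the host keys, the user's own
session server and the handler's own socket, never another connection.
"""


class Cap:
    """An unforgeable reference to an object plus the references it exposes."""

    def __init__(self, name, refs=()):
        self.name = name
        self.refs = list(refs)


def reachable(root):
    """Names of every capability transitively reachable from `root`."""
    seen, stack = set(), [root]
    while stack:
        cap = stack.pop()
        if cap.name in seen:
            continue
        seen.add(cap.name)
        stack.extend(cap.refs)
    return seen


class System:
    """The trusted listener: owns host keys and per-user servers, and spawns
    one confined handler per accepted connection (hypothetical names)."""

    def __init__(self, users):
        self.host_keys = Cap("host-keys")
        self.user_servers = {u: Cap(f"user-server:{u}") for u in users}
        self.handlers = []

    def accept(self, conn_id, user):
        # The handler is created with only these three capabilities; it has
        # no reference to the System object or to any other handler.
        socket = Cap(f"socket:{conn_id}")
        handler = Cap(f"sshd-instance:{conn_id}",
                      refs=[self.host_keys, self.user_servers[user], socket])
        self.handlers.append(handler)
        return handler


if __name__ == "__main__":
    sys_ = System(["alice", "bob"])          # constructed sample users
    h1, h2 = sys_.accept(1, "alice"), sys_.accept(2, "bob")
    print("compromised instance 1 can reach:", sorted(reachable(h1)))
```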