| Rich Freeman via plug on 17 Jun 2020 14:59:02 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] sshd as regular user |
On Wed, Jun 17, 2020 at 4:57 PM brent saner via plug <plug@lists.phillylinux.org> wrote: > > Non-privileged ports spawned by regular users are publicly-accessible too. ;) Sure, but an exploit will be contained to the specific user. That may or may not be as serious as a root exploit depending on how the host is used. When sshd is running as root you have some code running at a very low priv level and other code running as root. When sshd is running as non-root you have all the code running as that user. That certainly opens up some attacks, but it also prevents others. In any case, it isn't exactly a typical config, and openssh exploits are relatively rare, so it is really hard to say what the real-world impact is... -- Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug