[Developers] Exploitable security hole in TunnelRunner.c
Bart Matthaei
bart at ambrero.nl
Tue Aug 14 15:39:00 CEST 2007
The only problem is that launchd is only available on 10.4 and up.
But that shouldn't be a problem.
Nobody uses < 10.4 anyway. ;-)
Cheers,
Bart
On 14-aug-2007, at 15:23, Eric Warnke wrote:
> Hmmmm....
>
> After reading the docs, launchd could be far more useful that it
> initially appears. It would only help for locally forwarded ports and
> would not be applicable to dynamic ports ( I don't think so at least
> ).
>
> It would also solve one of my last issues since the ssh connection
> would be triggered upon use as long as launchd was running and this is
> a HUGE advantage for us mobile users since the launch on wake /
> startup is flakey in a WiFi setting.
>
> Cheers,
> Eric
>
> On 8/14/07, Eric Warnke <ericew at gmail.com> wrote:
>> On 8/14/07, Jay <sshkeychain at lindalane.com> wrote:
>>> Does this mean that you could use launchctl to load a plist setting
>>> up tunnelrunner or ssh to bind to a privileged port?
>>>
>>> - Jay
>>
>>
>> Probably not because ssh is not designed to treat stdin as it's
>> source. This is the reason I'm looking at a small app that can
>> forward one local port to another. The helper app drops root as soon
>> as possible ( becoming the user again ) and ssh would never need
>> to be
>> run as root.
>>
>> Cheers,
>> Eric
>>
> _______________________________________________
> developers mailing list
> developers at sshkeychain.org
> http://www.sshkeychain.org/cgi-bin/mailman/listinfo/developers
>
--
Bart Matthaei bart at ambrero.nl
Ambrero Software
http://www.ambrero.nl/
More information about the developers
mailing list