:: Re: [DNG] [SECURITY] [DSA 5649-1] x…
Forside
Slet denne besked
Besvar denne besked
Skribent: Didier Kryn
Dato:  
Til: dng
Emne: Re: [DNG] [SECURITY] [DSA 5649-1] xz-utils security update
Le 30/03/2024 à 23:06, Arnt Karlsen a écrit :
> ..true, but as you'll have seen by now, it took them quite a while to
> figure all that out, and the bad guys may have set up other backdoors
> into ssh. There is after all a lot of WWIII talk going on these days,
> even in those moderate circles, and ssh_IS_ a backdoor vector "worth
> trying" into not just IT infrastructure, there are also ships downing
> bridges.


    Obviously ssh is a door: it is, by design, THE MAIN DOOR to enter a
host from remote. And this is why it is supposed to be extremely secure
-- provided the admin configures it properly. People should NEVER patch
it for such a futile motivation as supporting systemd notification.

--     Didier