[svlug] OpenSSH source may be trojaned, unless...

Drew Bertola drew at drewb.com
Thu Aug 1 13:18:28 PDT 2002


On Thu, Aug 01, 2002 at 03:23:45PM -0400, Bruce O. Benson wrote:
> 
> You may have a trojaned OpenSSH source, unless you run Debian,
> in which case you're OK.

That's the silliest conclusion I've ever read on this list, specially
from a security SIG co-chair.  Running Debian has nothing to do with
being OK.  Think about it first.

Let's say Sue runs Debian, but she just downloaded, built, and
installed the trojaned openssh.  Is she ok?

-- 
+---------------------- T h e C o o p . n e t ----------------------+
| Drew Bertola         Hosting - Colocation      Tel:  408-738-8337 |
| TheCoop.net      Programming - Administration  Mob:  408-887-0426 |
| drew at thecoop.net    Open Source Specialists    http://thecoop.net |
+-------------------------------------------------------------------+





More information about the svlug mailing list