The release of OpenSSH
3.3 includes greatly improved support for privilege separation,
which is now enabled by default.
The process charged with talking to the network; now runs without privilege.
Upgrading is strongly recommended (see below).
Previously any corruption in the sshd could lead to an immediate remote root compromise if it happened before authentication, and to local root compromise if it happend after authentication. Privilege Separation will make such compromise very difficult if not impossible.
Or to put it into the words of Theo de Raadt: "Privilege Separation will one day save our asses." So, turn it on now.
When upgrading with a 2.2.x kernel, disabling compression is recommended
to avoid this bug which causes sshd to log a fatal mmap argument error then crash.
Update:
According to this OpenSSH Security Advisory
OpenSSH 3.3 has a serious privilege escalation vulnerable.
Please see the
new vulnerability report
for more information and a list of available alerts.
