On Fri, Jan 21, 2005 at 10:22:02AM +0100, Martin Quinson wrote: > A closer check to the package reveals that it's only useful if you want to > open a security risk on your machine. All info relatives to the ssh-agent > are written into a well known file, allowing cron jobs and attackers to use > them without prior knowledge of your passwords.
This has no security impact whatsoever. ssh-agent creates its socket directory mode 700; if you can write to the socket, you can also read the environment variables necessary to talk to the agent out of the output of 'ps xwwwe' (or even just go and have a look through /tmp), and if you can't write to the socket, then there is no concern. Do not ever rely on the extremely minor obscurity provided by not having the socket path right in front of any attacker. > Dudes. There is a reason why those informations are not written to file by > ssh itself. That reason is not for security purposes; it's simpler to pass them round in the environment, that's all. The fact that the location of the authentication socket is passed in the environment is NOT a defence of ANY KIND; if you are relying on this for any kind of security whatsoever then you should rethink your own security design. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
