Running the 20101126 snapshot, I was poking around a bit this morning and noticed a possible permissions issue.

$ ls -l /tmp/ssh-U7b26QotNu5v/agent.12708
srwxr-xr-x 1 test wheel 0 Nov 28 15:57 /tmp/ssh-U7b26QotNu5v/agent.12708

ssh-agent (1):

    $TMPDIR/ssh-XXXXXXXXXX/agent.<ppid>
        UNIX-domain sockets used to contain the connection to the
        authentication agent. These sockets should only be readable by
        the owner. The sockets should get automatically removed when
        the agent exits.

    [...]

    A UNIX-domain socket is created and the name of this socket is
    stored in the SSH_AUTH_SOCK environment variable. The socket is made
    accessible only to the current user. This method is easily abused by
    root or another instance of the same user.

Should auth-agent be setting the socket permission to 0700?
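
Added example, not part of the original post and not OpenSSH code: a Python check that reads the mode of an agent socket and of its parent directory and reports whether other non-root users can reach the socket. It assumes the directory is created with mkdtemp (mode 0700) and builds a constructed socket with the 0755 mode from the listing above; the function names are hypothetical.

```python
import os
import socket
import stat
import tempfile


def audit_agent_socket(path):
    """Report whether users other than the owner can reach an agent socket.

    Only the immediate parent directory is inspected, not its ancestors.
    """
    sock_st = os.lstat(path)
    dir_st = os.lstat(os.path.dirname(path))
    sock_mode = stat.S_IMODE(sock_st.st_mode)
    dir_mode = stat.S_IMODE(dir_st.st_mode)
    return {
        "is_socket": stat.S_ISSOCK(sock_st.st_mode),
        "same_owner": sock_st.st_uid == dir_st.st_uid,
        "socket_mode": sock_mode,
        "dir_mode": dir_mode,
        # Any group/other bit set on the socket file itself.
        "socket_private": sock_mode & 0o077 == 0,
        "dir_private": dir_mode & 0o077 == 0,
        # connect() has to traverse the directory first, and socket-file
        # modes are not honoured on every system, so exposure is decided
        # by the group/other search (x) bits of the directory alone.
        "exposed_to_other_users": dir_mode & 0o011 != 0,
    }


def make_constructed_socket(sock_mode=0o755):
    """Constructed sample: a socket laid out like the listing in the post."""
    directory = tempfile.mkdtemp(prefix="ssh-")  # mkdtemp creates it 0700
    path = os.path.join(directory, "agent.%d" % os.getpid())
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as srv:
        srv.bind(path)  # the socket file stays on disk after close
    os.chmod(path, sock_mode)
    return path


if __name__ == "__main__":
    sample = make_constructed_socket()
    for key, value in audit_agent_socket(sample).items():
        shown = oct(value) if key.endswith("_mode") else value
        print("%-24s %s" % (key, shown))
```

To audit a live agent, pass the value of SSH_AUTH_SOCK to audit_agent_socket() instead of the constructed path.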