On Wed, Jun 21, 2006 at 04:34:59PM -0600, Mark Shellenbaum wrote: > Can you give us an example of a 'file' the ssh-agent wishes to open and > what the permission are on the file and also what privileges the > ssh-agent has, and what the expected results are.
ssh-agent(1) should need to open no files, once setup is complete, other than world-readable files needed by whatever libraries. ssh-agent(1) speaks a protocol with remote peers (through IPC to ssh(1)); thus limiting what it can do should it be compromised is appealing. > You need to be very careful about changing the rules for access control, > since you may end up breaking POSIX compliance. That's presumably why these would be basic privileges (Darren and Nicolai can confirm). _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
