[Bug 2050] Support XDG basedir specification
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Dec 15 00:51:38 AEDT 2020
https://bugzilla.mindrot.org/show_bug.cgi?id=2050
--- Comment #17 from Dmitry V. Levin <ldv at altlinux.org> ---
(In reply to Drew DeVault from comment #16)
> (In reply to Dmitry V. Levin from comment #15)
> > Adding support for an extra place where to look for security
> > sensitive information would introduce a major security risk,
> > therefore openssh should not change its default behavior in this
> > respect. If it ever changed, we downstream maintainers would
> > certainly patch it out.
>
> And how exactly does it pose a major security risk?
The risk is that sensitive data would be accessed from a less secure
location than ~/.ssh/. I saw setups where ~/ and ~/.ssh/ directories
were out of user control, these setups would break.
You're talking about defaults, they shouldn't change this way.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list