[Bug 3277] Global ssh_config file permissions are not checked.

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jul 2 14:50:08 AEST 2021


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
                 CC|                            |djm at mindrot.org

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
I'm inclined to agree and to not add additional checking - ssh should
aim to protect the user against misconfiguration, but it's IMO overkill
to detect serious admin misconfiguration.

On one hand, as Darren points out, a too strict definition of
"misconfiguration" might break working setups.

On the other, how far should a user tool go towards checking the system
is in an expected state? Should it check the permissions on
/etc/passwd? /dev/*? etc.

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list