On Fri, Nov 16, 2001 at 05:11:11PM -0500, David Edelsohn wrote: > My colleagues and I believe we have found a problem in the > auth.c:secure_filename() code which causes it to be more aggressive than > intended. We first noticed the problem in OpenSSH-2.9.9. thanks, this has been fixed in newer releases. -m