ssh-agent too easy to hack

[Markus Friedl]

On Tue, Jan 15, 2002 at 01:09:44AM +0100, Tim McGarry wrote:
> 3/ ssh and sshd, do a really good job of totally ignoring
> id_???/identity/authorized_keys etc if the permissions aren't absolutely as
> required, shouldn't the same stringent tests be applied to the
> directories/sockets used by the agent? (yes I realize that anyone whose sued
> to root, can easily su to be me)

check how the agent creates the directory