vulnerability with ssh-agent

Nils Larsch nlarsch at compuserve.de
Thu Jul 15 05:31:11 EST 2004


Keld Jørn Simonsen wrote:
> Michael Stevens wrote:
> 
> 
>>If its in memory, you should assume that root can see it.
> 
> 
> yes, that is of cause true, but I am not sure that the dsa key
> is in the memory of the ssh-agent, and I am not sure that it will be
> easily visible. I had a try if I could find my dsa key in the /proc/pid/exe
> file of the ssh-agent with strings, but I could not find it. 

/proc/$PID/exe is a link to the executable file and _not_ the
process memory, for that you have /proc/$PID/mem (or /proc/kcore)
see the proc manpage

Nils




More information about the openssh-unix-dev mailing list