ssh-agent and socket permission check
Igor Bukanov
igor at mir2.org
Fri Jul 25 09:24:02 EST 2014
On 25 July 2014 00:09, Damien Miller <djm at mindrot.org> wrote:
>
> It shouldn't be anyway. We ship it setgid by default and also use prctl()
> on Linux to prevent ptrace()
>
So with that setup on Linux it is not possible for an ordinary account to
read memory of ssh-agent barring a kernel bug? In any case, as in my case
everything runs in a container with no setuid/setguid binaries available,
that would not help.
More information about the openssh-unix-dev
mailing list