[Bug 1060] ~/.ssh/config check too strict on systems with per-user groups

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jul 4 09:51:14 EST 2005


------- Additional Comments From djm at mindrot.org  2005-07-04 09:51 -------
I don't like these complex heuristics, especially since they depend on
properties of the user and group name. It looks like it would also break on
users who are directly assigned to another user's group in /etc/passwd.

Why can't you just warn your users? (suggestion 5 in the Debian bug). The client
config file is security-critical (malicious modification can lead to account
compromise), so requiring users to pay attention is not a bad thing.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-bugs mailing list