vulnerability with ssh-agent
Keld Jørn Simonsen
keld at dkuug.dk
Thu Jul 15 05:16:27 EST 2004
joshua stein wrote:
> I wrote:
> > One commenter said that this has big holes. An intruder with root
> > privileges could set SSH_AUTH_SOCKET to at socket for ssh-agent found
> > in /tmp, and he could also find the keys in the /proc area for the
> > ssh-agent.
>
> if you have "an intruder with root privileges", you have bigger
> problems
Actually not necessarily so. The intruder with root privileges may have
broken in on my home system, but that is something I can deal with.
The intruder can via these techniques get access to some servers
where I have stored my dsa keys, and that would be a much bigger problem.
Best regards
Keld
More information about the openssh-unix-dev
mailing list