On Thu, 24 Jul 2014, Igor Bukanov wrote: > I would like to run ssh-agent under a different account to make sure that > its memory holding private keys is not readable. It shouldn't be anyway. We ship it setgid by default and also use prctl() on Linux to prevent ptrace()