This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Problem with 20050215 snapshot and ssh-agent forwarding
David,
On Feb 18 12:05, David Rothenberger wrote:
> I believe the problem is due to the new traverse checking. When I start
> ssh-agent the first time, I see the following in my /tmp directory:
>
> % l /tmp
> total 0
> drwx------+ 2 drothe None 0 Feb 18 11:47 ssh-YwRaOw6140/
>
> Since /tmp/ssh-YwRaOw6140 is owned by my user (drothe), the first ssh
> `hostname` has no problem accessing the ssh-agent socket.
>
> After I do the first ssh `hostname`, I have the following:
>
> % l /tmp
> total 0
> drwx------+ 2 SYSTEM root 0 Feb 18 11:50 ssh-AtsnfLH756/
> drwx------+ 2 drothe None 0 Feb 18 11:47 ssh-YwRaOw6140/
that's it. Thanks for the preparing analyzis. The problem is not
traverse checking, but traverse checking shows that there's a bug
in OpenSSH. The whole problem is that the directory and the forwarded
agent socket is owned by SYSTEM while it actually should be owned by
the user account on the target machine, in your case "drothe' again.
As long as traverse checking wasn't enabled, this just was no problem.
I'll upload a fixed OpenSSH version soon.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/