> this feature was inherited from ossh and the reason was: > 1) if $HOME is on NFS, then the cookie travels unencrypted > over the network, this defeats the purpose of X11-fwding > 2) $HOME/.Xauthority gets polluted with temorary cookies. > however, i'm not sure whether the benefit justifies the complexity, > so this feature could be removed from future OpenSSH versions. I cannot tell which is more important. No wait, I can. OK, let's do the home dir thing then. In the NFS case, if someone is sniffing your NFS traffic you are fucked from here to hell.
- SSH allows deletion of other users files... zen-parse
- Re: SSH allows deletion of other users files... Jason DiCioccio
- Re: SSH allows deletion of other users files... Jerry Connolly
- Re: SSH allows deletion of other users files... Markus Friedl
- Re: SSH allows deletion of other users files... aleph1
- Re: SSH allows deletion of other users files... David F. Skoll
- Re: SSH allows deletion of other users files... sarnold
- Re: SSH allows deletion of other users files.... Markus Friedl
- Re: SSH / X11 auth: needless complexity ->... Peter W
- Re: SSH / X11 auth: needless complexity -... Markus Friedl
- Re: SSH / X11 auth: needless complex... Theo de Raadt
- Re: SSH / X11 auth: needless complexity -... Dale Southard
- Re: SSH / X11 auth: needless complex... Casper Dik
- nosymfollow Re: SSH allows deletion of other users fi... Jan Grant