> this feature was inherited from ossh and the reason was:
> 1) if $HOME is on NFS, then the cookie travels unencrypted
> over the network, this defeats the purpose of X11-fwding
> 2) $HOME/.Xauthority gets polluted with temorary cookies.
> however, i'm not sure whether the be
>The problem isn't the authentication, it's the granularity of the
>authorization that the filesystem affords. NFS leaves authorization
>up to the client host (aka ``No File Security'').
NFS provides most any level of security you desire; not many vendors
implement NFS security, though. NFSv4
Peter W <[EMAIL PROTECTED]> writes:
> On Tue, Jun 05, 2001 at 07:36:24PM -0700, Dale Southard wrote:
> > Peter W <[EMAIL PROTECTED]> writes:
>
> > > Since the DISPLAY name changes, and an Xauthority file can
> > > hold multiple X cookie credentials, is there any good reason why OpenSSH
> > > nee
On Tue, Jun 05, 2001 at 03:21:32PM -0400, Peter W wrote:
> As for the patches that are more careful when creating
> /tmp/ssh-/cookies -- isn't there still an assumption that
> /tmp/ssh-/cookies won't be removed before the ssh session ends?
no. sshd did switch uid/groups before c
On Mon, Jun 04, 2001 at 03:17:04PM -0700, [EMAIL PROTECTED] wrote:
> On Mon, Jun 04, 2001 at 11:19:37AM -0400, David F. Skoll wrote:
> > I could not duplicate this with OpenSSH 2.9p1-1 on Red Hat 6.2
> The problem code is invoked in the X forwarding of ssh. If you try
> again, this time passing -