CVSROOT: /cvs Module name: src Changes by: d...@cvs.openbsd.org 2010/06/25 17:15:36
Modified files: usr.bin/ssh : clientloop.c clientloop.h mux.c readconf.c readconf.h ssh.c ssh_config.5 Log message: Add X11ForwardTimeout option to specify timeout for untrusted X11 authentication cookies to avoid fallback in X11 code to fully-trusted implicit authentication using SO_PEERCRED described at: http://lists.x.org/archives/xorg-devel/2010-May/008636.html After the X11ForwardTimeout has expired the client will now refuse incoming X11 channel opens. based on patch from Tavis Ormandy; "nice" markus@