CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2010/06/25 17:15:36
Modified files:
usr.bin/ssh : clientloop.c clientloop.h mux.c readconf.c
readconf.h ssh.c ssh_config.5
Log message:
Add X11ForwardTimeout option to specify timeout for untrusted X11
authentication cookies to avoid fallback in X11 code to fully-trusted
implicit authentication using SO_PEERCRED described at:
http://lists.x.org/archives/xorg-devel/2010-May/008636.html
After the X11ForwardTimeout has expired the client will now refuse
incoming X11 channel opens.
based on patch from Tavis Ormandy; "nice" markus@
