From: Markus Friedl (markus.friedl informatik.uni-erlangen.de)
Date: Thu Jun 07 2001 - 16:16:40 CDT
On Wed, Jun 06, 2001 at 02:33:23PM +0300, Peter Pentchev wrote:
> > > Are you using X forwarding? (ie, ssh -X)
>
> Yes, disabling X forwarding would be an easy workaround.
> Can somebody, however, test if the following patch resolves the problem?
> It certainly does for me..
>
> Well, ok, so there is still a race condition between the stat() and unlink()
> in the cleanup procedure.. but since there is no funlink() yet, I do not
> really think this one can be resolved :( And besides, there's a *much*
> smaller window of opportunity there.
I think it's simpler to switch uids when removing the cookie file.
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.77&r2=1.80
-m
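
The approach suggested in the reply above, sketched as an added C example; it is not code from this message or from the linked OpenBSD change. The helper name remove_as_user and the temporary file path are hypothetical, and the sketch assumes supplementary groups are handled by the caller.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Hypothetical helper (added example, not OpenSSH code): unlink `path`
 * with the session user's effective uid/gid, so the kernel applies that
 * user's permissions to the directory the path resolves to at unlink
 * time. If the path is redirected after a privileged stat(), the unlink
 * fails instead of removing a file the user could not remove themselves.
 * Assumption: supplementary groups are handled by the caller.
 * Returns 0 on success, -1 with errno set on failure.
 */
int remove_as_user(const char *path, uid_t uid, gid_t gid)
{
    uid_t saved_uid = geteuid();
    gid_t saved_gid = getegid();
    int rc, saved_errno;

    /* Switch the group first: after seteuid() we may no longer be allowed to. */
    if (setegid(gid) == -1)
        return -1;
    if (seteuid(uid) == -1) {
        saved_errno = errno;
        if (setegid(saved_gid) == -1)
            _exit(1);
        errno = saved_errno;
        return -1;
    }
    rc = unlink(path);              /* permission check runs as `uid` */
    saved_errno = errno;
    /* Restore uid before gid; failing to regain the old ids is fatal. */
    if (seteuid(saved_uid) == -1 || setegid(saved_gid) == -1)
        _exit(1);
    errno = saved_errno;
    return rc;
}

int main(void)
{
    char path[] = "/tmp/cookie-demo-XXXXXX";   /* constructed sample file */
    int fd = mkstemp(path);
    if (fd == -1) return 1;
    close(fd);
    printf("remove_as_user: %d\n", remove_as_user(path, geteuid(), getegid()));
    return 0;
}
```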