Bug 402

Summary: Suggested sshrc script unsafe
Product: Portable OpenSSH Reporter: Nickolai Zeldovich <kolya>
Component: DocumentationAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED FIXED    
Severity: minor    
Priority: P2    
Version: -current   
Hardware: All   
OS: All   

Description Nickolai Zeldovich 2002-09-24 14:54:44 AEST
The sshrc code suggested at the bottom of sshd(8) is unsafe,
in that it passes around the xauth key as an argument to
xauth -- while xauth is running, the key is, on most systems,
visible to other users on the same machine.  A more secure
way to pass the key is something like:

  echo add $DISPLAY $proto $cookie | xauth -q

which, in /bin/sh on most systems, uses the built-in echo
command.

While this isn't strictly a bug, it seems poor to suggest
code that exposes the xauth key.  Incidentally, it may also
be nice to use "xauth -q" instead of just "xauth", since the
same manpage also warns that sshrc shouldn't output anything
to stdout, which "xauth" does.
Comment 1 Todd T. Fries 2002-09-25 07:04:18 AEST
commit'ed to the OpenBSD tree; thanks for the catch! 
Comment 2 Damien Miller 2004-04-14 12:24:18 AEST
Mass change of RESOLVED bugs to CLOSED