The sshrc code suggested at the bottom of sshd(8) is unsafe, in that it passes around the xauth key as an argument to xauth -- while xauth is running, the key is, on most systems, visible to other users on the same machine. A more secure way to pass the key is something like:

    echo add $DISPLAY $proto $cookie | xauth -q

which, in /bin/sh on most systems, uses the built-in echo command. While this isn't strictly a bug, it seems poor to suggest code that exposes the xauth key.

Incidentally, it may also be nice to use "xauth -q" instead of just "xauth", since the same manpage also warns that sshrc shouldn't output anything to stdout, which "xauth" does.
Committed to the OpenBSD tree; thanks for the catch!
Mass change of RESOLVED bugs to CLOSED
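
Added example, not part of the original report or of OpenSSH: a small /bin/sh check that reads an sshrc-style script on stdin and flags the two issues raised in the report above (the key appearing in a command's argument list, and xauth run without -q). The function name audit_sshrc and both sample scripts are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: key handed to xauth as command-line arguments.
UNSAFE_SSHRC='if read proto cookie && [ -n "$DISPLAY" ]; then
    xauth add $DISPLAY $proto $cookie
fi'

# Constructed sample: key sent on stdin via the shell built-in echo.
SAFE_SSHRC='if read proto cookie && [ -n "$DISPLAY" ]; then
    echo add $DISPLAY $proto $cookie | xauth -q
fi'

# Reads a script on stdin, prints one "line N: reason" per finding.
audit_sshrc() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        # Strip leading whitespace, then skip blank lines and comments.
        line=${line#"${line%%[![:space:]]*}"}
        case $line in ''|\#*) continue ;; esac
        case $line in
            *xauth*[[:space:]]add[[:space:]]*)
                # "add ..." follows xauth, so the key is in xauth's argv.
                echo "line $n: key passed as xauth argument" ;;
            */echo[[:space:]]*\|*xauth*)
                # An external echo binary carries the key in its own argv.
                echo "line $n: external echo exposes key in argv" ;;
        esac
        case $line in
            *xauth[[:space:]]*-q*) ;;
            *xauth*)
                # sshrc must not write to stdout; -q keeps xauth quiet.
                echo "line $n: xauth without -q may write to stdout" ;;
        esac
    done
}

# Stand-alone run: report on the unsafe sample.
printf '%s\n' "$UNSAFE_SSHRC" | audit_sshrc
```

The check is line-based, so a pipeline split across several lines is judged one line at a time.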