From owner-freebsd-security  Fri Jun  8 12:37:13 2001
Delivered-To: freebsd-security@freebsd.org
Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.13])
	by hub.freebsd.org (Postfix) with SMTP id 617D837B403
	for <security@FreeBSD.ORG>; Fri,  8 Jun 2001 12:35:44 -0700 (PDT)
	(envelope-from roam@orbitel.bg)
Received: (qmail 56078 invoked by uid 1000); 8 Jun 2001 19:34:00 -0000
Date: Fri, 8 Jun 2001 22:34:00 +0300
From: Peter Pentchev <roam@orbitel.bg>
To: Rob Simmons <rsimmons@wlcg.com>
Cc: Neil Blakey-Milner <nbm@mithrandr.moria.org>,
	Andreas Haugsnes <andreas@haugsnes.no>, security@FreeBSD.ORG
Subject: Re: [fwd] SSH allows deletion of other users files...
Message-ID: <20010608223400.C54030@ringworld.oblivion.bg>
Mail-Followup-To: Rob Simmons <rsimmons@wlcg.com>,
	Neil Blakey-Milner <nbm@mithrandr.moria.org>,
	Andreas Haugsnes <andreas@haugsnes.no>, security@FreeBSD.ORG
References: <20010606125321.A56634@mithrandr.moria.org> <Pine.BSF.4.21.0106081523560.57977-100000@mail.wlcg.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.21.0106081523560.57977-100000@mail.wlcg.com>; from rsimmons@wlcg.com on Fri, Jun 08, 2001 at 03:27:58PM -0400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

If you do ssh -v -v -X user@host, and you do this from within an X terminal
(so there is an X session to forward to ;), is there some XAUTHORITY output
at the end?

If not, then:
- Is X installed on the server host?
- Is there a /usr/X11R6/bin/xauth on the server host, executable by your user?
- Are you really sure you're running the client from within an X session? :)

G'luck,
Peter

-- 
You have, of course, just begun reading the sentence that you have just finished reading.

On Fri, Jun 08, 2001 at 03:27:58PM -0400, Rob Simmons wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
> 
> With X forwarding on in /etc/ssh/sshd_config:
> X11Forwarding yes
> 
> and using
> ssh -X <user>@<host>
> 
> I don't see any ssh files in /tmp.  Does this bug apply to FreeBSD's
> version of OpenSSH?
> 
> Robert Simmons
> Systems Administrator
> http://www.wlcg.com/
> 
> On Wed, 6 Jun 2001, Neil Blakey-Milner wrote:
> 
> > On Wed 2001-06-06 (12:48), Andreas Haugsnes wrote:
> > > I've tested it with FreeBSD 4.3, and I have not found this bug
> > > to apply.
> > 
> > Are you using X forwarding? (ie, ssh -X)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message