From owner-freebsd-security  Fri Jun  8 12:47:32 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail.wlcg.com (mail.wlcg.com [207.226.17.4])
	by hub.freebsd.org (Postfix) with ESMTP id A671D37B401
	for <security@FreeBSD.ORG>; Fri,  8 Jun 2001 12:47:28 -0700 (PDT)
	(envelope-from rsimmons@wlcg.com)
Received: from localhost (rsimmons@localhost)
	by mail.wlcg.com (8.11.3/8.11.3) with ESMTP id f58JlEF59281;
	Fri, 8 Jun 2001 15:47:14 -0400 (EDT)
	(envelope-from rsimmons@wlcg.com)
Date: Fri, 8 Jun 2001 15:47:10 -0400 (EDT)
From: Rob Simmons <rsimmons@wlcg.com>
To: Peter Pentchev <roam@orbitel.bg>
Cc: Neil Blakey-Milner <nbm@mithrandr.moria.org>,
	Andreas Haugsnes <andreas@haugsnes.no>, security@FreeBSD.ORG
Subject: Re: [fwd] SSH allows deletion of other users files...
In-Reply-To: <20010608223400.C54030@ringworld.oblivion.bg>
Message-ID: <Pine.BSF.4.21.0106081541390.57977-100000@mail.wlcg.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hmmm... It works.  I'm going to shut up now :)

Robert Simmons
Systems Administrator
http://www.wlcg.com/

On Fri, 8 Jun 2001, Peter Pentchev wrote:

> If you do ssh -v -v -X user@host, and you do this from within an X terminal
> (so there is an X session to forward to ;), is there some XAUTHORITY output
> at the end?
> 
> If not, then:
> - Is X installed on the server host?
> - Is there a /usr/X11R6/bin/xauth on the server host, executable by your user?
> - Are you really sure you're running the client from within an X session? :)
> 
> G'luck,
> Peter
> 
> -- 
> You have, of course, just begun reading the sentence that you have just finished reading.
> 
> On Fri, Jun 08, 2001 at 03:27:58PM -0400, Rob Simmons wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: RIPEMD160
> > 
> > With X forwarding on in /etc/ssh/sshd_config:
> > X11Forwarding yes
> > 
> > and using
> > ssh -X <user>@<host>
> > 
> > I don't see any ssh files in /tmp.  Does this bug apply to FreeBSD's
> > version of OpenSSH?
> > 
> > Robert Simmons
> > Systems Administrator
> > http://www.wlcg.com/
> > 
> > On Wed, 6 Jun 2001, Neil Blakey-Milner wrote:
> > 
> > > On Wed 2001-06-06 (12:48), Andreas Haugsnes wrote:
> > > > I've tested it with FreeBSD 4.3, and I have not found this bug
> > > > to apply.
> > > 
> > > Are you using X forwarding? (ie, ssh -X)
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7ISvCv8Bofna59hYRA9UqAJ4wYdLUEGoUFU/0G9j5mC7aDTFxHACffT/e
igQ6elnzzHWp5UHLsdDYas4=
=vapR
-----END PGP SIGNATURE-----



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message