On 25 July 2014 00:09, Damien Miller <djm@xxxxxxxxxxx> wrote: > > It shouldn't be anyway. We ship it setgid by default and also use prctl() > on Linux to prevent ptrace() > So with that setup on Linux it is not possible for an ordinary account to read memory of ssh-agent barring a kernel bug? In any case, as in my case everything runs in a container with no setuid/setguid binaries available, that would not help. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev