Hello Damien. Okay I'll see. So the recipe right now is to depend on something to not mix user's sockets. Since this sounds a bit error prone, though, and I've also read the other user's comments now, wouldn't it be better to fix this in a way proposed there? I saw some patches and someone suggested to either apply the check for root as well or make something like StrictModes for the ~/.ssh for the sockets. I've also seem that claim that this user ID check would happen on the socket server side, which would be the one trying to attack, right? So can that be copied to the socket client side as well? Good, thanks for the note. Do you think it's easy to write a patch that makes 0s behave like "immediately exit after the last one is gone"? Would sound like a compelling default :-) Best wishes, Philippe _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev