On 19 November 2015 at 04:50, Damien Miller <djm@xxxxxxxxxxx> wrote: > As far as I'm aware, none of the developers have anything to do with > the wiki page. The man pages should describe the correct behaviour > and the source should implement it :) Thank you! > > On Wed, 18 Nov 2015, Alon Bar-Lev wrote: > >> On 15 November 2015 at 09:55, Alon Bar-Lev <alon.barlev@xxxxxxxxx> wrote: >> > >> > Hi, >> > >> > Working with apache-sshd I found that it forces ~/.ssh/config to be >> > owned by user without group/others permissions. It failed for me >> > within my valid openssh environment. >> > >> > Within sources (readconf.c::read_config_file), I found that openssh >> > only enforces ownership by user and not group/others write. >> > >> > When I opened an issue, I was referred to this[1] wiki page (not sure >> > who maintain it) claiming that: >> > """ >> > This file must not be accessible to other users in any way. Set strict >> > permissions: read/write for the user, and not accessible by others. It >> > may group-writable if and only if that user is the only member of the >> > group in question. >> > """ >> > >> > Personally, I prefer the sources as a reference, but as this wiki page >> > is source for information for some, and find no reason why this file >> > is sensitive for read. >> > >> > I would like to know what is the expected behaviour. >> >> Hi! >> Anyone knows what is the expected behaviour? >> Thanks! >> >> > >> > Regards, >> > Alon Bar-Lev. >> > >> > [1] https://en.wikibooks.org/wiki/OpenSSH/Client_Configuration_Files#.7E.2F.ssh.2Fconfig >> _______________________________________________ >> openssh-unix-dev mailing list >> openssh-unix-dev@xxxxxxxxxxx >> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >> _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev