On Wed, 19 Jul 2023, Christoph Anton Mitterer wrote: > Hey. > > On Wed, 2023-07-19 at 08:40 -0600, Damien Miller wrote: > > via a forwarded agent socket if the following > > conditions are met: > > I assume this also means that when: > ForwardAgent=no > respectively: > -a > is used, one is not vulnerable? You'd still be vulnerable to a local attack if they could get past the filesystem permissions, however this is highly unlikely. I'd recommend the workaround in the release notes though. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
