On Sat, 2010-05-22 at 19:55 +0100, Colin Watson wrote: > It's not completely dropping security. If the user is the only member > of a group, then the group-writability confers no additional permissions > and it's OK to allow it. Well I've read the code for the ~/.ssh/config changes,... I mean it seems ok at least at a first glance,... but I think it's more or less only a heuristic and I guess upstream has it's reasons to not merge it... And what happens if group memberships changes just during that code part? Cheers, Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature