Hi all, We've recently upgraded to OpenSSH_2.5.2p2 from SSH Version 1.2.26 (under Solaris 2.7). One thing I have noticed that no longer works correctly is x-forwarding when combined with the nsu program (for anyone who doesn't know, nsu creates a new shell with the uid and gid of the specified user). I can see why this doesn't work under OpenSSH - the X-forwarding sets up the proxy X authorization key in a file, e.g. /tmp/ssh-VJBn1482/cookies, on the remote machine. Both the cookies file and the directory above it have read-write permission for the user only. This means that when you use nsu to change your uid and gid, the shell subsequently has no permissions to view the proxy x authorization details in this file and you see this error: host% nsu webadmin XauLockAuth timeout: /tmp/ssh-VJBn1482/cookies host% whoami webadmin host% As I've said, I can see why this doesn't work, but I'm curious to know if anyone has come up with a solution to this, so that we can use x-forwarding along with nsu. Thanks in advance for any help. Toby Blake University of Edinburgh
