
From:
Florian Obser <florian@openbsd.org>
Subject:
Re: Move the ssh-agent socket from /tmp to $HOME/.ssh/
To:
tech@openbsd.org
Date:
Tue, 29 Apr 2025 17:38:16 +0200


On 2025-04-29 16:31 +02, Jesper Wallin <jesper@ifconfig.se> wrote:
>> And what does firefox do then?
>> 
>
> I just thought having access to one's ssh-agent was bad and that an
> attacker could use it to authenticate with the added keys.  But yeah,
> even if that statement is true, the attacker doesn't know where those
> keys are being used.  So yeah, maybe a bit far-fetched.
>
>
> Though, another solution, *if* this is a problem at all that is, would
> be to use ssh-add with -c.  Then it doesn't matter where the socket is
> located.  Though, if it's not a problem, my apologies for the noise. :-)

I think it's a problem, but if your threat modelling includes firefox
playing around with the ssh-agent, ssh-add -c doesn't help all that
much. I would assume that at that point firefox has arbitrary code
execution as your user and can just click the "ok" button.

I'd go for a FIDO hardware token.


-- 
In my defence, I have been left unsupervised.