[Developers] Exploitable security hole in TunnelRunner.c

[Jeremy Reichman]

Whatever the solution is, I'd like to see one where system administrators
who want to deploy SSHKeychain can do so cleanly -- preferably without
requiring it to be run first, and without it having to modify its own
on-disk permissions.

Some of us deploy SSHKeychain to multi-user systems via tools like Radmind
(radmind.org). Some also may want to tripwire our systems.

This is perhaps where the utility of the installer package shows through?

Thanks!


-- 
Jeremy