- if (S_IWOTH & $stat->mode) {
- return sprintf("improper other writability on '%s'", $path);
+ # see the rationalization in secure_filename() in auth.c in the
+ # OpenSSH sources for an explanation of this bailout (see also
+ # monkeysphere #675):
+ if ($path eq $user->dir) {
+ mslog('DEBUG', "stopping at the %s's home directory '%s'\n", $user->name, $path);
+ return undef;