From 4b671ed3978524c024f11d0518f2bb7a349e7751 Mon Sep 17 00:00:00 2001
From: Frederik Schwan <frederik.schwan@linux.com>
Date: Thu, 11 Apr 2024 12:00:17 +0200
Subject: [PATCH] disable agent and tcp forwarding for AUR

---
 roles/aurweb/templates/aurweb_config.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/aurweb/templates/aurweb_config.j2 b/roles/aurweb/templates/aurweb_config.j2
index 11c29538c..10edb4a59 100644
--- a/roles/aurweb/templates/aurweb_config.j2
+++ b/roles/aurweb/templates/aurweb_config.j2
@@ -3,3 +3,5 @@ Match User {{ aurweb_user }}
         AuthorizedKeysCommand /usr/local/bin/aurweb-git-auth.sh "%t" "%k"
         AuthorizedKeysCommandUser {{ aurweb_user }}
         AcceptEnv AUR_OVERWRITE
+        AllowTcpForwarding No
+        AllowAgentForwarding No
-- 
GitLab