[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS: cvs.openbsd.org: src

To: tech_(_at_)_openbsd_(_dot_)_org
Subject: Re: CVS: cvs.openbsd.org: src
From: Theo de Raadt <deraadt_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org>
Date: Thu, 09 Jul 1998 19:30:42 -0600
Cc: source-changes_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org
Delivery-date: Thu Jul 9 18:27:06 1998

I knew about this problem over a year ago.  I bet this fix breaks
the protocol.

Back then, I searched for a way to fix the problem, but I couldn't
find one which didn't change the protocol.

> CVSROOT:	/cvs
> Module name:	src
> Changes by:	millert_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	98/07/09 17:54:37
> 
> Modified files:
> 	libexec/rexecd : rexecd.c 
> 
> Log message:
> Don't open stderr channel until after the user has authenticated themselves
> and never open a reserved port.  Fix from www.infilsec.com, credited
> to "The South African Tiger Team".  While we're in here, don't leak
> info about who is a valid user.
>

Prev by Date: who is doing what?
Next by Date: problems with compiling a new 2.3 kernal
Previous by thread: Re: CVS: cvs.openbsd.org: src
Next by thread: Re: CVS: cvs.openbsd.org: src
Index(es):
- Date
- Thread

Visit your host, monkey.org