Skip site navigation (1)Skip section navigation (2)
Date:      05 Apr 2001 07:53:20 +0200
From:      Assar Westerlund <assar@FreeBSD.org>
To:        Nick Sayer <nsayer@quack.kfu.com>
Cc:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/secure/lib/libtelnet Makefile
Message-ID:  <5lbsqbuc33.fsf@assaris.sics.se>
In-Reply-To: Nick Sayer's message of "Wed, 04 Apr 2001 22:45:57 -0700"
References:  <200104050037.f350b7t89955@freefall.freebsd.org> <3ACC0695.4010603@quack.kfu.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Nick Sayer <nsayer@quack.kfu.com> writes:
> Assar Westerlund wrote:
> 
> > assar       2001/04/04 17:37:07 PDT
> > 
> >   Modified files:        (Branch: RELENG_4)
> >     secure/lib/libtelnet Makefile 
> >   Log:
> >   MFC: 1.19: disable RSA
> >   
> >   Approved by:	jkh
> >   
> >   Revision  Changes    Path
> >   1.17.2.1  +2 -2      src/secure/lib/libtelnet/Makefile
> > 	http://www.freebsd.org/cgi/cvsweb.cgi/src/secure/lib/libtelnet/Makefile.diff?r1=1.17&r2=1.17.2.1
> 
> 1. It's SRA, not RSA.

Yes, I typoed.

> 2. Why was this necessary? What is so harmful about leaving SRA in? SRA 
> was not the most secure thing in the world, but it's certainly more 
> secure than plaintext.

Because it causes telnet to call telnet_gets for reading the username
and password and thus not allow C-c, C-] or any of the common
escapes.  This was considered a pain by lots of users on the mailing
lists (mainly -stable and -current) I think.  The right thing is of
course to make this reading of user input DTRT, but without the time
to take the right solution I did this to try to keep POLA.

/assar

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5lbsqbuc33.fsf>