Date: 05 Apr 2001 17:29:00 +0200 From: Assar Westerlund <assar@freebsd.org> To: Nick Sayer <nsayer@quack.kfu.com> Cc: cvs-committers@freebsd.org, cvs-all <cvs-all@freebsd.org> Subject: Re: cvs commit: src/secure/lib/libtelnet Makefile Message-ID: <5l66gjqsar.fsf@assaris.sics.se> In-Reply-To: Nick Sayer's message of "Thu, 05 Apr 2001 06:35:28 -0700" References: <200104050037.f350b7t89955@freefall.freebsd.org> <3ACC0695.4010603@quack.kfu.com> <3ACC74A0.7000304@quack.kfu.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nick Sayer <nsayer@quack.kfu.com> writes: > By the way, lest anyone forget, all of this functionality we're talking > about isn't even the default for telnet. You actually have to *ask* for > it (telnet -a) to do an automatic login. IMHO allowing this to proceed > without at least ROT13ing ( :-) ) the authentication data does not meet > POLA guidelines. It's even worse than that, though, since plaintext is > used *without any warning*, which doesn't even allow the user a chance > to be astonished (unless he finds out someone sniffed his credentials). But autologin is the default now. But you have fixed the SRA prompts to behave as people except them (C-c able). /assar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5l66gjqsar.fsf>