Date: Sun, 5 Aug 2001 03:52:22 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Mark Murray <mark@grondar.za> Cc: Bill Fenner <fenner@research.att.com>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libopie Makefile Message-ID: <20010805035222.A36935@nagual.pp.ru> In-Reply-To: <20010805023456.A36079@nagual.pp.ru> References: <20010803221915.A16875@nagual.pp.ru> <200108041415.f74EFhr12941@grimreaper.grondar.za> <20010805023456.A36079@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 05, 2001 at 02:34:56 +0400, Andrey A. Chernov wrote: > On Sat, Aug 04, 2001 at 15:15:43 +0100, Mark Murray wrote: > It is not a bug, it is official way OPIE detects that connection is > secure. That is, via environment variable :-( > > Do you know secure ways to detect running on X console? Or running under > SSH connection? I assume you got the clue, i.e. this list is not finite. Via Kerberos? Via SRA Telnet? etc. According to your point of view, you need to add to OPIE secure detections for each and every security connection ways. It is simple not possible, and every user of specific conenction will bug you that OPIE refuse to work for this particular connection way. I even not mention that this scheme gains nothing in double or triple connections, some of them are insecure - you can't detect them from OPIE. It means that correct answer is: no use false security restrictions, just warnings are enough. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010805035222.A36935>