Date: Sun, 05 Aug 2001 15:38:47 +0100 From: Mark Murray <mark@grondar.za> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: Bill Fenner <fenner@research.att.com>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libopie Makefile Message-ID: <200108051438.f75EcmZ04259@grimreaper.grondar.za> In-Reply-To: <20010805023456.A36079@nagual.pp.ru> ; from "Andrey A. Chernov" <ache@nagual.pp.ru> "Sun, 05 Aug 2001 02:34:56 %2B0400." References: <20010805023456.A36079@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
> > That is a bug that needs to be fixed in its own right. > > It is not a bug, it is official way OPIE detects that connection is > secure. That is, via environment variable :-( But environment variables are spoofable and therefore insecure. It may be the way that OPIE does it, but it is an insecure algorithm and it needs to be fixed. (I have a partial fix that does ttys(5) secure detection). > Do you know secure ways to detect running on X console? Or running under > SSH connection? X is pretty much by definition insecure, but there are ways of securing xterms. I am looking at how to detect this. I'm not sure how to detect SSH, but I'll listen to suggestions. M -- Mark Murray Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108051438.f75EcmZ04259>