Date: 05 Apr 2001 07:53:20 +0200 From: Assar Westerlund <assar@FreeBSD.org> To: Nick Sayer <nsayer@quack.kfu.com> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/secure/lib/libtelnet Makefile Message-ID: <5lbsqbuc33.fsf@assaris.sics.se> In-Reply-To: Nick Sayer's message of "Wed, 04 Apr 2001 22:45:57 -0700" References: <200104050037.f350b7t89955@freefall.freebsd.org> <3ACC0695.4010603@quack.kfu.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nick Sayer <nsayer@quack.kfu.com> writes: > Assar Westerlund wrote: > > > assar 2001/04/04 17:37:07 PDT > > > > Modified files: (Branch: RELENG_4) > > secure/lib/libtelnet Makefile > > Log: > > MFC: 1.19: disable RSA > > > > Approved by: jkh > > > > Revision Changes Path > > 1.17.2.1 +2 -2 src/secure/lib/libtelnet/Makefile > > http://www.freebsd.org/cgi/cvsweb.cgi/src/secure/lib/libtelnet/Makefile.diff?r1=1.17&r2=1.17.2.1 > > 1. It's SRA, not RSA. Yes, I typoed. > 2. Why was this necessary? What is so harmful about leaving SRA in? SRA > was not the most secure thing in the world, but it's certainly more > secure than plaintext. Because it causes telnet to call telnet_gets for reading the username and password and thus not allow C-c, C-] or any of the common escapes. This was considered a pain by lots of users on the mailing lists (mainly -stable and -current) I think. The right thing is of course to make this reading of user input DTRT, but without the time to take the right solution I did this to try to keep POLA. /assar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5lbsqbuc33.fsf>