Date: Thu, 5 Apr 2001 07:20:07 -0400 (EDT) From: Daniel Eischen <eischen@vigrid.com> To: Nick Sayer <nsayer@quack.kfu.com> Cc: Assar Westerlund <assar@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/secure/lib/libtelnet Makefile Message-ID: <Pine.SUN.3.91.1010405071536.26657A-100000@pcnet1.pcnet.com> In-Reply-To: <3ACC0E32.2090601@quack.kfu.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 4 Apr 2001, Nick Sayer wrote: > Assar Westerlund wrote: > > Because it causes telnet to call telnet_gets for reading the username > > and password and thus not allow C-c, C-] or any of the common > > escapes. This was considered a pain by lots of users on the mailing > > lists (mainly -stable and -current) I think. The right thing is of > > course to make this reading of user input DTRT, but without the time > > to take the right solution I did this to try to keep POLA. > > > But this "solution" by your own admission doesn't actually solve > anything. So you've in fact reduced the security of telnet for everyone > for no reason. And I have not seen the massive volume of complaints > about the prompt's behavior either, by the way. I would have thought the > first thing you might have done was brought these complaints to someone > most likely to be able to actually _fix_ the problem correctly. Anyone > paying attention might have noticed that when problems have popped up > with SRA in the past (telnet -x cores, for instance), I have responded > to them in a timely manner. Well, you missed two separate posts from myself to -current about the problem. Noone responded to these posts. Search for subject "telnet broken with auto-negotiation of encrypt/decrypt change". -- Dan Eischen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SUN.3.91.1010405071536.26657A-100000>