Date: 03 Jan 2000 19:41:27 +0000 From: Philip Hands <phil@hands.com> To: Eivind Eklund <eivind@FreeBSD.ORG> Cc: Damien Miller <djm@mindrot.org>, Brian Fundakowski Feldman <green@FreeBSD.ORG>, security@FreeBSD.ORG, openssh-unix-dev@mindrot.org Subject: Re: OpenSSH protocol 1.6 proposal Message-ID: <87d7rjkkns.fsf@sheikh.hands.com> In-Reply-To: <20000103142050.B6173@bitbox.follo.net> (Eivind Eklund's message of "Mon, 3 Jan 2000 14:20:51 %2B0100") References: <Pine.BSF.3.96.1000103022509.7881A-100000@fledge.watson.org> <Pine.LNX.4.10.10001031922560.661-100000@mothra.mindrot.org> <20000103142050.B6173@bitbox.follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Eivind Eklund <eivind@FreeBSD.ORG> writes: ... > * a default of sending out agent forwarding > * no way to change the default and still selectively forward > > The patches for the latter two problems are trivial; I'm including > them below for completeness. I've included this in the Debian packages of ssh and OpenSSH for some time. I also disable X forwarding by default, since that allows classic X attacks to be launched by untrustworthy remote systems. These patches should be accepted upstream IMO. As ever, my openssh stuff can be found here: http://www.hands.com/~phil/debian/openssh/openssh_1.2.1pre24-1.diff.gz I think all changes except the debian/ directory itself should be either useful or at worst harmless upstream. Cheers, Phil. -- Boycott Amazon! --- http://linuxtoday.com/stories/13652.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87d7rjkkns.fsf>