IETF-SSH archive


Re: last-call issues..



Simon Tatham writes:
> This is a horrifyingly ugly way to separate subsystem output from
> startup script output; not only is it ugly, it's also fragile. Why
> not do it the ordinary way, by means of using different file
> descriptors?

Because doing so is very hard if you try to port it to all possible
unix environments that there are. Also quite a lot of shells close ALL
filedescriptors when they execute any program, just to get rid of
filedescriptors that are accidentally left open by the system libraries
(like getpwent/getpwnam/getpwuid, which might leave the /etc/passwd
filedescriptor open).

Also I don't want to even think how this should be done on VMS or IBM
Mainframes. Somebody might want to have sftp for those systems also...

> I think that, given the existence of properly robust solutions like
> this, it's inelegant to suggest that implementors should use as
> fragile a mechanism as magic cookies.

Cookies work fine, and they are a standard way of detecting that the data
stream is ok. I think they are much more robust than playing around
with file descriptors etc. Also even if you can use file descriptors,
it does not mean that the other end can and will, thus you still might
end up having a non-working subsystem, because the other end sent something
you didn't want to ignore before starting the subsystem.
-- 
kivinen%ssh.fi@localhost                               Work : +358 303 9870
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/
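
The cookie approach argued for in the message above, as an added example that is not part of the original e-mail or of any SSH implementation: a receiver that discards startup-script output until a cookie appears, including when the cookie is split across reads. The cookie value, the 64 KiB limit and all names are assumptions made for illustration.

```python
# Added illustration. COOKIE is a constructed value; the message names none.
COOKIE = b"\x00SUBSYS-COOKIE-7f3a9c51\x00"
MAX_PREAMBLE = 64 * 1024  # assumed cap on startup-script noise before giving up


class CookieScanner:
    """Discard startup output until COOKIE is seen, then pass data through."""

    def __init__(self, cookie=COOKIE, max_preamble=MAX_PREAMBLE):
        self.cookie = cookie
        self.max_preamble = max_preamble
        self.tail = b""        # unmatched suffix, kept in case the cookie spans reads
        self.total = 0         # bytes received while still unsynchronised
        self.preamble_len = None
        self.synced = False

    def feed(self, chunk):
        """Return the subsystem bytes in chunk (b'' while still in the preamble)."""
        if self.synced:
            return chunk
        buf = self.tail + chunk
        start = self.total - len(self.tail)   # stream offset of buf[0]
        self.total += len(chunk)
        idx = buf.find(self.cookie)
        if idx >= 0:
            self.synced = True
            self.preamble_len = start + idx
            self.tail = b""
            return buf[idx + len(self.cookie):]
        if self.total > self.max_preamble:
            raise ValueError("no cookie within %d bytes" % self.max_preamble)
        keep = len(self.cookie) - 1
        self.tail = buf[max(0, len(buf) - keep):]
        return b""


def split_stream(chunks, **kwargs):
    """Run chunks through a scanner; return (synced, preamble_len, payload)."""
    scanner = CookieScanner(**kwargs)
    payload = b"".join(scanner.feed(c) for c in chunks)
    return scanner.synced, scanner.preamble_len, payload


if __name__ == "__main__":
    # Constructed input: login-script noise, then the cookie, then binary data.
    noise = b"Welcome to example host\r\nstty: not a tty\r\n"
    data = b"\x00\x00\x00\x05\x01\x00\x00\x00\x03"
    stream = noise + COOKIE + data
    print(split_stream([stream[i:i + 7] for i in range(0, len(stream), 7)]))
```

The size cap turns a peer that never sends the cookie into a clean error instead of an unbounded wait.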


