NetBSD master CVS tree commits

To: source-changes%NetBSD.ORG@localhost
Subject: NetBSD master CVS tree commits
From: source%NetBSD.ORG@localhost
Date: 29 Jun 1997 02:40:01 -0000

lukem
Sat Jun 28 19:38:26 PDT 1997
Update of /cvsroot/src/usr.bin/login
In directory netbsd1:/var/slash-tmp/cvs-serv24247

Modified Files:
        login.c 
Log Message:
Don't leak some information (``you have no s/key'').

Only information leaks now are:
* if '-s -s' is used (only allow s/key users, and force s/key use),
  then "login incorrect" will be given if a non-s/key user (or
  non-existant user) attempts to login; no password will be prompted
  for.
  XXX: maybe this should be fixed, but further analysis is required.
* an s/key user will be reminded in the "Password" prompt that they
  have an s/key. Therefore it would be possible to determine if a user
  is active on the machine if they have an s/key.
  XXX: maybe an option is required to control this behaviour

Prev by Date: NetBSD master CVS tree commits
Next by Date: NetBSD master CVS tree commits
Previous by Thread: NetBSD master CVS tree commits
Next by Thread: NetBSD master CVS tree commits
Indexes:

Home | Main Index | Thread Index | Old Index