On Wed, 20 Aug 2008, Dag-Erling Smorgrav wrote:
des 2008-08-20 10:40:07 UTC
FreeBSD src repository
Modified files:
crypto/openssh readconf.c
Log:
SVN rev 181918 on 2008-08-20 10:40:07Z by des
Use net.inet.ip.portrange.reservedhigh instead of IPPORT_RESERVED.
Submitted upstream, no reaction.
Submitted by: delphij@
MFC after: 2 weeks
While better than what was there before, I still think that this code is
incorrect. SSH should be using the user credential to create and bind
forwarding sockets, not the root credential, and should not be attempting to
guess the kernel's policy, even if that guess is now a bit more informed.
However, I guess that more complete and desirable fix is more complicated...
Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "[EMAIL PROTECTED]"