On Sat, 14 Apr 2007 16:18:20 +1000, Amos Shapira wrote: > > That said, I'm not sure that I can trust SSH_CLIENT/SSH_CONNECTION since > they are passed from the client. Maybe a getpeername(2) on stdin/stdout can > be used as a more secure way to obtain the client's IP.
You are mistaken. You can trust the SSH_CLIENT/SSH_CONNECTION, it is taken from the TCP stack, not from the client (same as getpeername). Ehud. -- Ehud Karni Tel: +972-3-7966-561 /"\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D <http://www.keyserver.net/> Better Safe Than Sorry ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
