On Mon, Sep 19, 2022 at 02:05:39PM -0700, Jacob Champion wrote: > It's not prevented, because a password is being used. In my tests I'm > connecting as an unprivileged user. > > You're claiming that the middlebox shouldn't be doing this. If this new > default behavior were the historical behavior, then I would have agreed. > But the cat's already out of the bag on that, right? It's safe today. > And if it's not safe today for some other reason, please share why, and > maybe I can work on a patch to try to prevent people from doing it.
Please note that this has been marked as returned with feedback in the current CF, as this has remained unanswered for a bit more than three weeks. -- Michael
signature.asc
Description: PGP signature