[PATCH] tcp-wrappers support extended to x11 forwards
Kevin Steves
stevesk at pobox.com
Sat Dec 1 07:09:41 EST 2001
On Fri, 30 Nov 2001, Osmo Paananen wrote:
:But without ACL the attack can come from host C which is not related to
:A or B. The attacker doesn't have the fake cookie, but he may guess it
:(by trying several times). I don't know how possible values there are for
:the fake cookie. My guess is that there is a lot of them. That is why
:this is not a big security hole.
if it's MIT-MAGIC-COOKIE-1, it's 128 bits.
More information about the openssh-unix-dev
mailing list