OpenSSH 4.1: call for testing.
Damien Miller
djm at mindrot.org
Tue Apr 5 19:11:51 EST 2005
Gert Doering wrote:
> Hi,
>
> On Tue, Apr 05, 2005 at 12:42:08PM +1000, Damien Miller wrote:
>
>>>out of curiousity: who *does* support this, if not the BSDs? Or is it
>>>just NetBSD that can't do it yet?
>>
>>Apparently, there has been an unapplied patch for NetBSD to implement
>>this since 1.4.2:
>>
>>http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=10798
>>
>>Hopefully someone will clean it up and commit it - it is an important
>>thing to have.
>
>>From the comments, it seems to be a political issue - "we already have a
> superiour mechanism, we don't want any of this". *hrmpf*
Well, it would be better if it could support the interface that other
vendors have adopted.
It seems that the NetBSD method complicates things for consumers
of the API - it apperars to need data sent for the creds to be made
available to the peer. So you can't do accept(), getpeereid(), drop you
must forestall the check until later.
-d
More information about the openssh-unix-dev
mailing list