[PATCH] / permitgwports / permitlisten
Philipp Heckel
philipp.heckel at gmail.com
Sat May 13 10:22:40 AEST 2017
Hello Devin,
it seems I haven't done my homework, and wrote a patch without properly
checking bugzilla ...
> Anyhow, just drawing attention of these 2 patches together – they’re
> similar, though not identical. [..] Your approaches looks
> very familiar, it felt like deja vu.
The patches are indeed very, very similar. I think that does underline
the need for such an option. I must admit I was pretty surprised that
it did not exist already.
> Ours also changes the behavior of permitopen.
While I generally agree with having to explicitly whitelist
"permitopen" host/port pairs, it does change the default behavior and
would probably break configuration in the wild. Or am I mistaken here?
Best
Philipp
More information about the openssh-unix-dev
mailing list