Subject: Re: Re: lib/30923
To: Zafer Aydogan <>
From: Rui Paulo <>
List: current-users
Date: 08/25/2005 13:26:29
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2005.08.25 11:00:54 +0000, Zafer Aydogan wrote:
| > I think the thread was all about the output message and the "secure" po=
| > of view of it. While I don't care much about the message printed, someo=
| > may want that as an option.
| >=20
| Rui, you don't seem to get it. A Message is printed by syslog on the
| console. The Message that should be removed is on the remote end.
| That is a security issue! The patch closes this hole. Please commit it.
| I don't get why you make a big fuzz about this.=20
| Check Free- and OpenBSD or Linux if you think they handle this different.
| They don't. Aslong this is a security issue they definitely don't !

This is not a security issue from my POV. What I want is an option to
change the behaviour. That's all.

		-- Rui Paulo

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.4.1 (NetBSD)