- todd@cvs.openbsd.org 2002/09/24 20:59:44
[sshd.8]
tweak the example $HOME/.ssh/rc script to not show on any cmdline the
sensitive data it handles. This fixes bug # 402 as reported by
kolya@mit.edu (Nickolai Zeldovich).
ok markus@ and stevesk@
diff --git a/ChangeLog b/ChangeLog
index f6aa78c..9eebcde 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,12 @@
- markus@cvs.openbsd.org 2002/09/24 08:46:04
[monitor.c]
only call kerberos code for authctxt->valid
+ - todd@cvs.openbsd.org 2002/09/24 20:59:44
+ [sshd.8]
+ tweak the example $HOME/.ssh/rc script to not show on any cmdline the
+ sensitive data it handles. This fixes bug # 402 as reported by
+ kolya@mit.edu (Nickolai Zeldovich).
+ ok markus@ and stevesk@
20020923
- (tim) [configure.ac] s/return/exit/ patch by dtucker@zip.com.au
@@ -709,4 +715,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@
-$Id: ChangeLog,v 1.2479 2002/09/25 02:20:17 djm Exp $
+$Id: ChangeLog,v 1.2480 2002/09/25 02:20:52 djm Exp $
diff --git a/sshd.8 b/sshd.8
index 10098b8..22ab70e 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.192 2002/09/16 22:03:13 stevesk Exp $
+.\" $OpenBSD: sshd.8,v 1.193 2002/09/24 20:59:44 todd Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
@@ -737,12 +737,12 @@
if read proto cookie && [ -n "$DISPLAY" ]; then
if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
# X11UseLocalhost=yes
- xauth add unix:`echo $DISPLAY |
+ echo add unix:`echo $DISPLAY |
cut -c11-` $proto $cookie
else
# X11UseLocalhost=no
- xauth add $DISPLAY $proto $cookie
- fi
+ echo add $DISPLAY $proto $cookie
+ fi | xauth -q -
fi
.Ed
.Pp