diff options
author | Darren Tucker <dtucker@zip.com.au> | 2009-10-07 08:47:02 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2009-10-07 08:47:02 +1100 |
commit | 893d73549d7cfa277434bf0113688a5a14055408 (patch) | |
tree | 7cc83baeb70199c132f8f239be7acfcf694d0384 /ChangeLog | |
parent | 6b286a46821fa230258f1da82d0e013cfe3bf685 (diff) |
- djm@cvs.openbsd.org 2009/08/27 17:44:52
[authfd.c ssh-add.c authfd.h]
Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
when the agent refuses the constrained add request. This was a useful
migration measure back in 2002 when constraints were new, but just
adds risk now.
bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -60,6 +60,13 @@ | |||
60 | [sftp-server.8] | 60 | [sftp-server.8] |
61 | allow setting an explicit umask on the commandline to override whatever | 61 | allow setting an explicit umask on the commandline to override whatever |
62 | default the user has. bz#1229; ok dtucker@ deraadt@ markus@ | 62 | default the user has. bz#1229; ok dtucker@ deraadt@ markus@ |
63 | - djm@cvs.openbsd.org 2009/08/27 17:44:52 | ||
64 | [authfd.c ssh-add.c authfd.h] | ||
65 | Do not fall back to adding keys without contraints (ssh-add -c / -t ...) | ||
66 | when the agent refuses the constrained add request. This was a useful | ||
67 | migration measure back in 2002 when constraints were new, but just | ||
68 | adds risk now. | ||
69 | bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@ | ||
63 | 70 | ||
64 | 20091002 | 71 | 20091002 |
65 | - (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps. | 72 | - (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps. |