<feed xmlns='http://www.w3.org/2005/Atom'>
<title>src/libexec/rexecd/rexecd.8, branch release/4.6.0</title>
<subtitle>FreeBSD source tree</subtitle>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/'/>
<entry>
<title>MFC: markup and misc fixes.</title>
<updated>2001-08-16T10:44:22+00:00</updated>
<author>
<name>Ruslan Ermilov</name>
<email>ru@FreeBSD.org</email>
</author>
<published>2001-08-16T10:44:22+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=00e7498229d3a52ae0593c046dad7c9ff530ad8d'/>
<id>00e7498229d3a52ae0593c046dad7c9ff530ad8d</id>
<content type='text'>
Approved by:	re
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Approved by:	re
</pre>
</div>
</content>
</entry>
<entry>
<title>MFC: remove whitespace at EOL.</title>
<updated>2001-07-22T12:07:25+00:00</updated>
<author>
<name>Dima Dorfman</name>
<email>dd@FreeBSD.org</email>
</author>
<published>2001-07-22T12:07:25+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=b5cf87e26a33fe12c8e2238149b5896b328f7fe2'/>
<id>b5cf87e26a33fe12c8e2238149b5896b328f7fe2</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>MFC: recent mdoc(7) fixes.</title>
<updated>2000-12-08T13:53:03+00:00</updated>
<author>
<name>Ruslan Ermilov</name>
<email>ru@FreeBSD.org</email>
</author>
<published>2000-12-08T13:53:03+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=20456d91bc39a026844296de63b8f504acb054c9'/>
<id>20456d91bc39a026844296de63b8f504acb054c9</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>MFC: 1.11</title>
<updated>2000-06-30T16:49:41+00:00</updated>
<author>
<name>Nick Sayer</name>
<email>nsayer@FreeBSD.org</email>
</author>
<published>2000-06-30T16:49:41+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=e0446b4df33712e1cb67071cd41008b68f894eec'/>
<id>e0446b4df33712e1cb67071cd41008b68f894eec</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>$Id$ -&gt; $FreeBSD$</title>
<updated>1999-08-28T00:22:10+00:00</updated>
<author>
<name>Peter Wemm</name>
<email>peter@FreeBSD.org</email>
</author>
<published>1999-08-28T00:22:10+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=7f3dea244c40159a41ab22da77a434d7c5b5e85a'/>
<id>7f3dea244c40159a41ab22da77a434d7c5b5e85a</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>Use err(3). -Wall cleaning. Use Pa for file names and add section in Xrefs.</title>
<updated>1997-11-26T07:29:04+00:00</updated>
<author>
<name>Philippe Charnier</name>
<email>charnier@FreeBSD.org</email>
</author>
<published>1997-11-26T07:29:04+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=6896720af322a1147179718fe1f62344aa369b8a'/>
<id>6896720af322a1147179718fe1f62344aa369b8a</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>Revert $FreeBSD$ to $Id$</title>
<updated>1997-02-22T14:22:49+00:00</updated>
<author>
<name>Peter Wemm</name>
<email>peter@FreeBSD.org</email>
</author>
<published>1997-02-22T14:22:49+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=9e522f7a18a64d3b9ea901ed70d0eee78342f0c6'/>
<id>9e522f7a18a64d3b9ea901ed70d0eee78342f0c6</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
<entry>
<title>Make the long-awaited change from $Id$ to $FreeBSD$</title>
<updated>1997-01-14T07:20:47+00:00</updated>
<author>
<name>Jordan K. Hubbard</name>
<email>jkh@FreeBSD.org</email>
</author>
<published>1997-01-14T07:20:47+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=1130b656e5fe4c2d1ba299e024d1b40eaeebd380'/>
<id>1130b656e5fe4c2d1ba299e024d1b40eaeebd380</id>
<content type='text'>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
</pre>
</div>
</content>
</entry>
<entry>
<title>Back out recent security patch for rexecd.  After more careful analysis,</title>
<updated>1996-11-22T08:59:07+00:00</updated>
<author>
<name>Paul Traina</name>
<email>pst@FreeBSD.org</email>
</author>
<published>1996-11-22T08:59:07+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=a13e275f664b4542f7951230116e20ac04a2259a'/>
<id>a13e275f664b4542f7951230116e20ac04a2259a</id>
<content type='text'>
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.

Yes, an attacker can "relay" connections using this trick,  but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.

Yes, an attacker can "relay" connections using this trick,  but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
</pre>
</div>
</content>
</entry>
<entry>
<title>Do not attempt to open reverse channel until authentication phase has</title>
<updated>1996-11-19T18:03:16+00:00</updated>
<author>
<name>Paul Traina</name>
<email>pst@FreeBSD.org</email>
</author>
<published>1996-11-19T18:03:16+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=6c6cc60e3893e52350fe0cf4f6d74023326f80d1'/>
<id>6c6cc60e3893e52350fe0cf4f6d74023326f80d1</id>
<content type='text'>
succeeded.

Never allow the reverse channel to be to a privileged port.

Cannidate for:	2.1 and 2.2 branches

Reviewed by:	pst (with local cleanups)
Submitted by:	Cy Shubert &lt;cy@cwsys.cwent.com&gt;
Obtained from:	Jaeger &lt;jaeger@dhp.com&gt; via BUGTRAQ
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
succeeded.

Never allow the reverse channel to be to a privileged port.

Cannidate for:	2.1 and 2.2 branches

Reviewed by:	pst (with local cleanups)
Submitted by:	Cy Shubert &lt;cy@cwsys.cwent.com&gt;
Obtained from:	Jaeger &lt;jaeger@dhp.com&gt; via BUGTRAQ
</pre>
</div>
</content>
</entry>
</feed>
