Hi Theo, Theo de Raadt wrote on Fri, Nov 13, 2015 at 01:36:23AM -0700:
> I really want to delete telnet entirely, I often use it for testing unencrypted SMTP and HTTP across the Internet. Which tool would you recommend for that purpose? > but there are still occasions when someone might want to use it > on an intranet. Other telnet tools are probably worse shape. > > This adds two pledge calls. I made the mistake of looking through the code. That thing is big! It is easy to miss stuff in a large program, but from what i saw, your pledge looks good to me. You might wish to cross-check these three points though: * Does "inet" actually allow the following setsockopt() arguments: SO_DEBUG, SO_RTABLE, IP_TOS, IPV6_TCLASS? I know nothing about socket options. * Does ioctl(TIOCGWINSZ) in TerminalWindowSize(), sys_bsd.c require "ioctl"? The pledge(2) manual seems to say so. * Do getpwnam() and getpwuid() in tn(), commands.c require "getpw"? The pledge(2) manual seems to say so, or is "rpath" sufficient here and YP irrelevant? > The subshell and skey support are removed (you can use ^Z), > and you cannot start a new telnet session. > Only the first session. No objection, but my OK probably doesn't mean much for that. Yours, Ingo > (That is not handled nicely yet... I'm looking into it). [...]
