search for: usersupplied

...same thing would work with ssh if you compiled with Please take care here. Some telnetd versions use a non-secure way to alter their **argv to reflect the host which is connected to them. A maliciously formated hostname/DNS entry could be used to overwrite the value of the -L option to bypass the usersupplied login program. The maintainer of netkit has fixed it, AFAIK. So, it's wiser to update to the most recent version of netkit. Bye, Thomas -- Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: thomas@suse.de Function: Security Support & Auditing "lynx...