Here's a scratch.
I added an option, called "require_trusted", which enforces the trusted
network check even for users which do not have OPIE enabled.
If this option is not used, behaviour is unchanged.
The name "require_trusted" is catchy and compeling to use. However, if
it was used in default
On Fri, Mar 11, 2011 at 10:47:26AM +0100, Dag-Erling Smørgrav wrote:
> Lionel Flandrin writes:
> > I'd try to install and configure OTPW on my server to replace OPIE,
> > but it's not in the ports and I don't know PAM well enough to try and
> > mess with it, I would probably end up opening more se
Sex, 2011-03-11 às 10:46 +0100, Dag-Erling Smørgrav escreveu:
> Miguel Lopes Santos Ramos writes:
> > 1. The user does not have OPIE enabled and the remote host is listed as
> > a trusted host in /etc/opieaccess.
> > 2. The user has OPIE enabled and the remote host is listed as a trusted
> > host
Lionel Flandrin writes:
> I'd try to install and configure OTPW on my server to replace OPIE,
> but it's not in the ports and I don't know PAM well enough to try and
> mess with it, I would probably end up opening more security holes than
> I'm fixing.
If it's as good as the ad copy says it is, a
Miguel Lopes Santos Ramos writes:
> 1. The user does not have OPIE enabled and the remote host is listed as
> a trusted host in /etc/opieaccess.
> 2. The user has OPIE enabled and the remote host is listed as a trusted
> host in /etc/opieaccess, and the user does not have a file
> named .opiealway
