Update to 1.1 because of a possible security problem:

 The socket creation code in fshd was not paranoid enough.  There
 were are at least two possible attacks:
 - If a malicious user has symlinked /tmp/fshd-<UID> to another
   file, fshd will chmod 0700 that file.
 - A race condition made it possible for an attacker to create an
   unsafe socket directory, so that the attacker can access an
   fshd tunnel.
 The attacker must alread have a local shell on the computer where
 fsh or fshd is invoked.
Other changes:
New timeout option, fixed to work with openssh2, now also usable if
you have to enter a password to connect, and some others.

3 files changed, 6 insertions, 5 deletions

diff --git a/security/fsh/Makefile b/security/fsh/Makefile
index 26cccc7f1b5..1f023b3691e 100644
--- a/security/fsh/Makefile
+++ b/security/fsh/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.1.1.1 2000/01/14 15:37:48 fredb Exp $
+# $NetBSD: Makefile,v 1.2 2000/12/14 11:55:03 wiz Exp $
 #
 
-DISTNAME=	fsh-1.0
+DISTNAME=	fsh-1.1
 CATEGORIES=	security net
 MASTER_SITES=	ftp://ftp.lysator.liu.se/pub/unix/fsh/ \
 		http://www.lysator.liu.se/fsh/
diff --git a/security/fsh/files/md5 b/security/fsh/files/md5
index e660011b671..b3e3c235534 100644
--- a/security/fsh/files/md5
+++ b/security/fsh/files/md5
@@ -1,3 +1,3 @@
-$NetBSD: md5,v 1.1.1.1 2000/01/14 15:37:49 fredb Exp $
+$NetBSD: md5,v 1.2 2000/12/14 11:55:04 wiz Exp $
 
-MD5 (fsh-1.0.tar.gz) = 295e5c8902d46f0abdc0f74feb43b57f
+MD5 (fsh-1.1.tar.gz) = 5c288b98e9f5901552dfd31feb9c1504
diff --git a/security/fsh/pkg/PLIST b/security/fsh/pkg/PLIST
index ebbfaab4b70..50090dd6a46 100644
--- a/security/fsh/pkg/PLIST
+++ b/security/fsh/pkg/PLIST
@@ -1,10 +1,11 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2000/01/14 15:37:49 fredb Exp $
+@comment $NetBSD: PLIST,v 1.2 2000/12/14 11:55:04 wiz Exp $
 bin/fcp
 bin/fsh
 bin/fshd
 bin/in.fshd
 libexec/fcpwrap
 share/fsh/fsh.py
+share/fsh/fshconfig.py
 share/fsh/fshd.py
 share/fsh/fshlib.py
 share/fsh/fshversion.py