simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Wed Sep 20 18:40:43 BST 2017
TL;DR:
ba4837d Add a -restrict-putty-acl option to Windows Pageant.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2017-09-20 18:40:43
commit ba4837dae819cffffe36fd6c0985d8df10d2873c
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=ba4837dae819cffffe36fd6c0985d8df10d2873c;hp=4ec27919454102386f18d24df188cac3f663dbdc
Author: Simon Tatham <anakin at pobox.com>
Date: Wed Sep 20 18:04:37 2017 +0100
Add a -restrict-putty-acl option to Windows Pageant.
This causes PuTTY processes spawned from its system-tray menu to run
with the -restrict-acl option (or rather, the synonymous &R prefix
used by my auto-constructed command lines for easier parsing).
The previous behaviour of Pageant was never to pass -restrict-acl to
PuTTY, even when started with -restrict-acl itself; this is not
actually a silly thing to want to do, because Pageant might well have
more need of -restrict-acl than PuTTY (it stores longer-term and more
powerful secrets) and conversely PuTTY might have more need to _not_
restrict its ACL than Pageant (in that among the things enabled by an
unrestricted ACL are various kinds of accessibility software, which is
more useful on the more user-facing PuTTY than on Pageant).
But for those who want to lock everything down with every security
option possible (even though -restrict-acl is only an ad-hoc
precaution and cannot deliver any hard guarantees), this new option
should fill in the UI gap.
doc/using.but | 12 ++++++++++++
windows/winpgnt.c | 26 ++++++++++++++++++++------
2 files changed, 32 insertions(+), 6 deletions(-)
More information about the tartarus-commits
mailing list