From owner-freebsd-security Fri Sep 22 14:42:35 2000 Delivered-To: freebsd-security@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id 1CB4737B422 for ; Fri, 22 Sep 2000 14:42:33 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13caaP-0008wP-00; Fri, 22 Sep 2000 23:42:25 +0200 Date: Fri, 22 Sep 2000 23:42:25 +0200 From: Neil Blakey-Milner To: Warner Losh Cc: Lyndon Nerenberg , freebsd-security@FreeBSD.ORG Subject: Re: sysinstall DOESN'T ASK, dangerous defaults! Message-ID: <20000922234224.A34348@mithrandr.moria.org> References: <20000922233318.A34189@mithrandr.moria.org> <200009222026.OAA71131@harmony.village.org> <200009222122.e8MLMG117534@orthanc.ab.ca> <20000922233318.A34189@mithrandr.moria.org> <200009222139.PAA71726@harmony.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <200009222139.PAA71726@harmony.village.org>; from imp@village.org on Fri, Sep 22, 2000 at 03:39:18PM -0600 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri 2000-09-22 (15:39), Warner Losh wrote: > In message <20000922233318.A34189@mithrandr.moria.org> Neil Blakey-Milner writes: > : Maybe you can give me some clue - why is rsh and login suid-root? Can > : they function without it? > > No. Well, the kerberos support works, but they need to be suid root > to bind to low ports. That's part of what makes the normal protcol so > lame. Yeah, my brain eventually caught it - it's trying to tell the other system that the user isn't just pretending to be someone else. Ick. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message