From owner-freebsd-hackers Thu Jun 27 11:34:19 1996
Return-Path: owner-hackers
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3)
        id LAA15779 for hackers-outgoing; Thu, 27 Jun 1996 11:34:19 -0700 (PDT)
Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211])
        by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA15760;
        Thu, 27 Jun 1996 11:34:11 -0700 (PDT)
Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9)
        id LAA05468; Thu, 27 Jun 1996 11:30:17 -0700
From: Terry Lambert
Message-Id: <199606271830.LAA05468@phaeton.artisoft.com>
Subject: Re: I need help on this one - please help me track this guy down!
To: lada@ws2301.gud.siemens.co.at (Hr.Ladavac)
Date: Thu, 27 Jun 1996 11:30:17 -0700 (MST)
Cc: michaelv@HeadCandy.com, vince@mercury.gaianet.net, ejs@bfd.com,
        mark@grumble.grondar.za, hackers@FreeBSD.org, security@FreeBSD.org,
        chad@mercury.gaianet.net, jbhunt@mercury.gaianet.net
In-Reply-To: <199606270836.AA158394572@ws2301.gud.siemens.co.at> from "Hr.Ladavac" at Jun 27, 96 10:36:11 am
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

> > Seriously, you must be root to create a setuid root file.  It doesn't
> > matter *how* you try to create it.
>
> A five dollar question Vince:
>
> does root have .rhosts in his home directory?  What is to be found there?
> If he does, throw it away; it's enormously insecure.  Similar with
> /etc/host.equiv et cetera.

man ruserok

The authentication for vouchsafe protocols (rcmd/rsh based protocols)
*specifically* ignores hosts.equiv and hosts.lpd for root.

If root does not have a .rhosts, then it is secure from vouchsafe
attack this way.

                                        Terry Lambert
                                        terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.
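
An audit sketch for the rule stated in the message above, added here as an example and not part of the original post: it lists the r-command trust entries that apply to a given local account, skipping hosts.equiv when the account is root. The function names, the optional hosts.equiv path argument and the treatment of `#` as a comment marker are assumptions of this sketch; it only lists entries and does not reproduce the ownership, permission or hostname checks that ruserok() performs.

```shell
#!/bin/sh
# Added example (hypothetical helper names): show which trust entries
# would be consulted for a local user by rcmd/rsh style authentication.

# Print every non-comment entry of one trust file, flagging bare "+"
# fields, which trust any host or any remote user.
scan_trust_file() {
    [ -f "$1" ] || return 0
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1" |
    while read -r host ruser rest; do
        if [ "$host" = "+" ] || [ "$ruser" = "+" ]; then
            flag=WILDCARD
        else
            flag=entry
        fi
        printf '%s: %s %s %s\n' "$flag" "$1" "$host" "${ruser:--}"
    done
}

# rtrust_entries <user> <home> [hosts.equiv path]
# hosts.equiv is consulted only for non-root accounts; the account's own
# .rhosts is consulted in both cases, so for root it is the only source.
rtrust_entries() {
    user=$1
    home=$2
    hequiv=${3:-/etc/hosts.equiv}
    [ "$user" = root ] || scan_trust_file "$hequiv"
    scan_trust_file "$home/.rhosts"
}
```

Running `rtrust_entries root /root` on a host should print nothing; any output means root has a .rhosts that grants remote trust.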