Date: Thu, 18 Apr 1996 22:38:45 +0200 (MET DST) From: J Wunsch <j@uriah.heep.sax.de> To: freebsd-hackers@freebsd.org (FreeBSD hackers) Cc: jraynard@dial.pipex.com (James Raynard) Subject: Re: Extra option for rlogind? Message-ID: <199604182038.WAA02177@uriah.heep.sax.de> In-Reply-To: <199604171606.QAA00530@dial.pipex.com> from "James Raynard" at Apr 17, 96 04:06:08 pm
next in thread | previous in thread | raw e-mail | index | archive | help
As James Raynard wrote: > >Our rlogind has a -s flag which will only read .rhosts files if they are > >owned by root. So users cannot create their own .rhosts files, without > >root knowing about it. > >More work for the sysadmin, and mabye not feasible on a machine with a lot > >of users, but it works for us. > > This would be very easy to add, as per the following (untested) > patches. Would this be a worthwhile addition, or is it just another > silly Linux gimmick? 8-) I don't really like it. If some admin is notorious about security, he can simply turn off rlogin/rsh, and force the people to use ssh instead. That would (IMO) make more sense. (Btw., if i were at such a site, i wouldn't trust root, and immediately remove the .rhosts, in particular if it's not readable for me. :-) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199604182038.WAA02177>