Date: Sun, 19 Nov 1995 19:48:18 -0800 (PST) From: Julian Elischer <julian@ref.tfs.com> To: peter@jhome.DIALix.COM (Peter Wemm) Cc: terry@lambert.org, current@FreeBSD.ORG Subject: Re: rlogind wont allow root without password... rshd will. Message-ID: <199511200348.TAA02660@ref.tfs.com> In-Reply-To: <Pine.BSF.3.91.951120111343.28345A-100000@jhome.DIALix.COM> from "Peter Wemm" at Nov 20, 95 11:23:39 am
next in thread | previous in thread | raw e-mail | index | archive | help
It's arguable that in fact it's rsh that should be changed to dissallow root access.. someone somewhere must have made that change for a reason.. (one also needs to have "secure" on the ptys for this to work I note).. Peter, any chance you called that kid? > > On Sun, 19 Nov 1995, Terry Lambert wrote: > > > As root: > > > I can do "rsh freebsdmachine sh -i" and get a root shell. > > > I cannot do a "rlogin freebsdmachine" - it asks for a password. > > > > > > I think this is a futile attempt at "security-through-inconvenience" > > > (worse than the infamous security-through-obscurity) as it achieves > > > nothing but force people to use the non-wtmp-logged facility. > > > > You have convinced me. Someone needs to fix rsh so that the attempt > > is not futile. Root access should require an explicit .rhosts; the > > rlogin is failing correctly, apparently in a hosts.equiv case? > > rshd is working perfectly.. It is correctly ignoring hosts.equiv (via > iruserok() etc in libc) but is allowing explicit configuration in the > .rhosts file of root. > > > You haven't really documented the environment that allows the rsh to > > succeed so that it can be fixed... > > rlogind is what I'm complaining about. It wont let me do something that > I consider to be safer than having plaintext root passwords going over > the network... > > This is what I want to change: > > Index: rlogind.c > =================================================================== > RCS file: /home/ncvs/src/libexec/rlogind/rlogind.c,v > retrieving revision 1.5 > diff -u -5 -r1.5 rlogind.c > --- rlogind.c 1995/10/15 03:40:57 1.5 > +++ rlogind.c 1995/11/20 03:19:24 > @@ -585,14 +585,13 @@ > getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long"); > > pwd = getpwnam(lusername); > if (pwd == NULL) > return (-1); > - if (pwd->pw_uid == 0) > - return (-1); > /* XXX why don't we syslog() failure? */ > - return (iruserok(dest->sin_addr.s_addr, 0, rusername, lusername)); > + return (iruserok(dest->sin_addr.s_addr, pwd->pw_uid == 0, > + rusername, lusername)); > } > > void > getstr(buf, cnt, errmsg) > char *buf; > > iruserok() is what is reponsible for the additional restrictions for root > logins... > > The environment that I'm complaining about: > on the server: > root has /root as a home directory > there is a /root/.rhosts file listing "client root" > on the client, as root: > rsh server sh -i works. > rlogin server always asks for a plaintext password due to the above. > > Cheers, > -Peter > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511200348.TAA02660>