Date: Sat, 15 Sep 2001 07:40:02 -0700 (PDT) From: David Malone <dwmalone@maths.tcd.ie> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/30590: /etc/hosts.equiv and ~/.rhosts interaction violates POLA? Message-ID: <200109151440.f8FEe2w91340@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/30590; it has been noted by GNATS. From: David Malone <dwmalone@maths.tcd.ie> To: Gavin Atkinson <ga105@york.ac.uk> Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: misc/30590: /etc/hosts.equiv and ~/.rhosts interaction violates POLA? Date: Sat, 15 Sep 2001 15:33:00 +0100 On Sat, Sep 15, 2001 at 07:20:22AM -0700, Gavin Atkinson wrote: > Therefore the sysadmin of a system cannot easily prevent rlogins from another system. This would seem to be a useful thing, for example if the remote system has been compromised. > Also, if a user cares more for his account's security than the sysadmin, he can't disable rlogins. Surely you would be much better off using hosts.allow or ipfw to prevent such connections? That way you would stop connections using telnet and ssh too. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109151440.f8FEe2w91340>