Date: Fri, 1 Nov 1996 10:32:49 -0800 (PST) From: "Craig Shaver" <craig@ProGroup.COM> To: questions@FreeBSD.ORG Subject: Re: rcp by root Message-ID: <199611011832.KAA29070@seabass.progroup.com> In-Reply-To: <Pine.BSI.3.94.961029233141.369t-100000@gdi.uoregon.edu> from "Doug White" at Oct 29, 96 11:32:37 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > On Mon, 28 Oct 1996, Mike Salmons wrote: > > > I can't setup my system to allow root to rcp from another freebsd system, it > > works ok as a user. I have a /.rhosts and a /etc/hosts.equiv file with the > > remote system listed. What else am I missing? > > This is probably a huge security violation since anyone with the root > password now has root access your computer too (using rsh & the other > r-utilities). > > Doug White | University of Oregon > Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant > http://gladstone.uoregon.edu/~dwhite | Computer Science Major > > I set up .rhosts in the /root directory and qualified it by the full host name. I will take it out now, and only put it in when I need to do backups to a remote tape. However, not just anyone with root can access this. I tried from another machine on the internet where I have root access. I got a message to the effect that root login was denied on that terminal. I think You would have to spoof the fully qualified domain name to make it work. How hard is it to do that? -- Craig Shaver (craig@progroup.com) (415)390-0654 Productivity Group POB 60458 Sunnyvale, CA 94088
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611011832.KAA29070>