[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.

On Thu, May 08, 2003 at 08:49:48AM -0500, Steve Langasek wrote:
> On Thu, May 08, 2003 at 01:36:41PM +0100, Andrew Suffield wrote:
> 
> > > If you have a network that is already
> > > secure (for example, behind a decent firewall, or a VPN), using ssh only
> > > means lots of unnecessary overhead. The lack of security in rsh is not a
> > > bug, it is just the way it is supposed to work.
> 
> > Security should be end-to-end, not point-to-point. The sheer number of
> > times a site has been compromised because their "secure" network
> > wasn't and somebody was using rsh...
> 
> I quite agree.  We should be thinking about ways to remove the need for
> the *first* rsh implementation we ship, not adding another one.

Maybe. Once the world consists of new computers with new operating
systems, no one will need rsh. While there are old machines around, some
people will need it.

Frank

> 
> -- 
> Steve Langasek
> postmodern programmer
Reply to: