Re: root and .rhosts file

To: Jeppe Buk <buk@imada.ou.dk>
Cc: Debian User Mailing List <debian-user@lists.debian.org>
Subject: Re: root and .rhosts file
From: Brandon Mitchell <bhmit1@mail.wm.edu>
Date: Wed, 10 Sep 1997 12:55:58 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.3.96.970910125412.1230B-100000@cnhobbes.ml.org>
Reply-to: bhmit1@mail.wm.edu
In-reply-to: <[🔎] Pine.LNX.3.95.970910154707.27545J-100000@blixen.imada.ou.dk>

It's a security hole (probably a simple dns spoof would gain root on
either machine.  And while I'm on the topic of security here, I'd suggest
ssh instead (harder, if not impossible to spoof).  But if you feel risky,
I think it is caused by the following:

bhmit1@hobbes(p1):bhmit1$ more /etc/securetty 
# /etc/securetty: list of terminals on which root is allowed to login.
# See securetty(5) and login(1).
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8

HTH,
Brandon

-----
Brandon Mitchell                         E-mail: bhmit1@mail.wm.edu
  Homepage: http://www.geocities.com/SiliconValley/7877/home.html
                  PGP: finger -l bhmit1@cs.wm.edu                 
"We all know Linux is great...it does infinite loops in 5 seconds."
	--Linus Torvalds


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: root and .rhosts file; kerberos
  - From: Rick Hawkins <rhawkins@iastate.edu>

References:
- root and .rhosts file
  - From: Jeppe Buk <buk@imada.ou.dk>

Prev by Date: Background NFS Mounts
Next by Date: Re: Building Debian Packages
Previous by thread: root and .rhosts file
Next by thread: Re: root and .rhosts file; kerberos
Index(es):
- Date
- Thread