From owner-freebsd-stable  Fri Aug 25  8:36:33 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from kci.kciLink.com (kci.kciLink.com [204.117.82.1])
	by hub.freebsd.org (Postfix) with ESMTP id 89A8337B43F
	for <freebsd-stable@FreeBSD.ORG>; Fri, 25 Aug 2000 08:36:31 -0700 (PDT)
Received: from onceler.kciLink.com (onceler.kciLink.com [204.117.82.2])
	by kci.kciLink.com (Postfix) with ESMTP id 1848DE8D2
	for <freebsd-stable@FreeBSD.ORG>; Fri, 25 Aug 2000 11:36:31 -0400 (EDT)
Received: (from khera@localhost)
	by onceler.kciLink.com (8.9.3/8.9.3) id LAA68841;
	Fri, 25 Aug 2000 11:36:31 -0400 (EDT)
	(envelope-from khera@kci.kciLink.com)
From: Vivek Khera <khera@kciLink.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14758.37502.989465.176825@onceler.kciLink.com>
Date: Fri, 25 Aug 2000 11:36:30 -0400 (EDT)
To: FreeBSD Stable List <freebsd-stable@FreeBSD.ORG>
Subject: Re: nuking "unsafe" protocols (was Re: Upcoming rc.conf changes not loading certain currently loaded daemons) 
In-Reply-To: <200008250322.VAA31765@billy-club.village.org>
References: <20000824110414.C12752@winternet.com>
	<Pine.BSF.3.96.1000824101029.510G-100000@fingers.noc.uunet.co.za>
	<200008241201.IAA32736@sanson.reyes.somos.net>
	<20000824080419.B51628@dazed.slacker.com>
	<14757.15655.515615.780499@onceler.kciLink.com>
	<20000824162123.A80150@irrelevant.org>
	<14757.16490.269381.416596@onceler.kciLink.com>
	<20000824163533.B80150@irrelevant.org>
	<14757.17729.113055.693358@onceler.kciLink.com>
	<200008250322.VAA31765@billy-club.village.org>
X-Mailer: VM 6.72 under 21.1 (patch 11) "Carlsbad Caverns" XEmacs Lucid
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>>>> "WL" == Warner Losh <imp@village.org> writes:

WL> In message <20000824110414.C12752@winternet.com> Nathan Ahlstrom writes:
WL> : This PR may be of interest.
WL> : http://www.FreeBSD.org/cgi/query-pr.cgi?pr=15830 

WL> Actually, no.  It isn't that interesting.  More interesting would be
WL> something like the following which does it for all rcmd based things.
WL> It is out of OpenBSD, and likely needs a couple of tweaks before it
WL> can be committed.  Much more generic. :-)

Much more slick!  I like the idea of making rcmd(3) be ssh-aware, with
fallback to rsh for compatibility.  It seems the only change I'll need
to make to my backup process is to do it as a user of group operator
rather than as root.  Not a big issue.

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.                Khera Communications, Inc.
Internet: khera@kciLink.com       Rockville, MD       +1-301-545-6996
GPG & MIME spoken here            http://www.khera.org/~vivek/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message