From owner-cvs-all  Tue Dec 15 23:20:47 1998
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA04355
          for cvs-all-outgoing; Tue, 15 Dec 1998 23:20:47 -0800 (PST)
          (envelope-from owner-cvs-all@FreeBSD.ORG)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA04347;
          Tue, 15 Dec 1998 23:20:44 -0800 (PST)
          (envelope-from peter@FreeBSD.org)
From: Peter Wemm <peter@FreeBSD.ORG>
Received: (from peter@localhost)
	by freefall.freebsd.org (8.8.8/8.8.5) id XAA02795;
	Tue, 15 Dec 1998 23:20:45 -0800 (PST)
Date: Tue, 15 Dec 1998 23:20:45 -0800 (PST)
Message-Id: <199812160720.XAA02795@freefall.freebsd.org>
To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: cvs commit: src/libexec/rlogind rlogind.c src/libexec/rshd rshd.8
         rshd.c
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

peter       1998/12/15 23:20:45 PST

  Modified files:
    libexec/rlogind      rlogind.c 
    libexec/rshd         rshd.8 rshd.c 
  Log:
  As previously threatened, clean up the rshd -a option and make it default
  on rshd and rlogind.  However, note that:
  1: rshd used to drop a connection with -a if the hostname != ip address.
     This is unneeded, because iruserok() does it's own checking.
     It was also wrong if .rhosts had an explicit IP address in it,
     connections would be dropped from that host solely because the DNS was
     mismatched even though it was explicitly intended to work by IP address.
  2: rlogind and rshd check the hostname mappings by default now because that
     is what goes into the utmp/wtmp and logs.  If the hostname != ip address,
     then it uses the IP address for logging/utmp/wtmp purposes.  There isn't
     much point logging ficticious hostnames.
  3: rshd -a is now accepted (but ignored) for compatability.  If you really
     want to make life miserable for people with bad reverse DNS, use tcpd in
     paranoid mode (which is questionable anyway, given DNS ttl tweaking).
  
  Revision  Changes    Path
  1.20      +21 -47    src/libexec/rlogind/rlogind.c
  1.14      +3 -11     src/libexec/rshd/rshd.8
  1.23      +26 -53    src/libexec/rshd/rshd.c

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message