Date: Fri, 25 Aug 2000 14:28:32 -0700 (PDT)
From: Jim.Pirzyk@disney.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: conf/20847: root login from trusted hosts
Message-ID: <200008252128.OAA84574@snoopy.fan.fa.disney.com>
>Number:         20847
>Category:       conf
>Synopsis:       Root login is allowed from trusted hosts
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 25 14:30:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Jim Pirzyk
>Release:        FreeBSD 4.1-RELEASE i386
>Organization:
>Environment:
Having machines in a netgroup file that are trusted between each other as root in the /root/.rhosts file.
>Description:
Can rsh to a remote FreeBSD host as root if the /root/.rhosts file exists with the local host in it. This is regardless of what the /etc/ttys file has in it (no secure entry on any of the networked ttys). The /etc/login.access file is the default file with everything commented out.
>How-To-Repeat:
Have host A and B. Be root on A and have A in B's /root/.rhosts file. Then rsh B and see if you get in.
>Fix:
Have this line in /etc/login.access:

-:root:ALL EXCEPT ttyv0 ttyv1 ttyv2 ttyv3 ttyv4 ttyv5 ttyv6 ttyv7 ttyv8

This should be set up in the default system, and the 'secure' option should be taken out of the /etc/ttys file as well as the ttys man page since it does not apply anymore.
>Release-Note:
>Audit-Trail:
>Unformatted: