Date: Tue, 10 Nov 1998 23:00:02 -0800 (PST) From: Peter Wemm <peter@netplex.com.au> To: freebsd-bugs@FreeBSD.ORG Subject: Re: bin/8646: Implement rlogind -a option Message-ID: <199811110700.XAA24502@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/8646; it has been noted by GNATS. From: Peter Wemm <peter@netplex.com.au> To: cschuber@uumail.gov.bc.ca Cc: FreeBSD-gnats-submit@FreeBSD.ORG Subject: Re: bin/8646: Implement rlogind -a option Date: Wed, 11 Nov 1998 13:04:01 +0800 Cy Schubert wrote: > >Synopsis: Implement rlogind -a option > >Description: > > Implement rshd's -a option in rlogind. Hopefully this will > provide a little better security. I'm not sure that this is the right thing.. What is it to protect? Hostname spoofing for .rhosts? If so, that is already taken care of within the ruserok() and iruserok() code in libc which deals with .rhosts. All that I can see that it does is verify the hostname for utmp purposes.. What it should do in this case is log the IP address instead of the hostname if there is a mismatch, and let ruserok() decide what to do. There is no need to refuse a connection from an incorrectly configured client if that client has it's IP address (not hostname) explicitly listed in the .rhosts file. Refusing service solely because of DNS problems is bad. Refusing to *trust* DNS if there is a problem is much better. The logging should switch to IP addresses if there is any doubt about the DNS integrity. Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811110700.XAA24502>