From owner-freebsd-bugs Wed Nov 11 06:30:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA19707 for freebsd-bugs-outgoing; Wed, 11 Nov 1998 06:30:00 -0800 (PST) (envelope-from owner-freebsd-bugs@FreeBSD.ORG) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA19701 for ; Wed, 11 Nov 1998 06:29:59 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id GAA17587; Wed, 11 Nov 1998 06:30:01 -0800 (PST) Date: Wed, 11 Nov 1998 06:30:01 -0800 (PST) Message-Id: <199811111430.GAA17587@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.ORG From: Cy Schubert - ITSD Open Systems Group Subject: Re: bin/8646: Implement rlogind -a option Reply-To: Cy Schubert - ITSD Open Systems Group Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR bin/8646; it has been noted by GNATS. From: Cy Schubert - ITSD Open Systems Group To: Peter Wemm Cc: cschuber@uumail.gov.bc.ca, FreeBSD-gnats-submit@FreeBSD.ORG Subject: Re: bin/8646: Implement rlogind -a option Date: Wed, 11 Nov 1998 06:24:11 -0800 In message <199811110504.NAA08334@spinner.netplex.com.au>, Peter Wemm writes: > Cy Schubert wrote: > > > >Synopsis: Implement rlogind -a option > > > >Description: > > > > Implement rshd's -a option in rlogind. Hopefully this will > > provide a little better security. > > I'm not sure that this is the right thing.. What is it to protect? > Hostname spoofing for .rhosts? If so, that is already taken care of > within the ruserok() and iruserok() code in libc which deals with .rhosts. > > All that I can see that it does is verify the hostname for utmp purposes.. > What it should do in this case is log the IP address instead of the > hostname if there is a mismatch, and let ruserok() decide what to do. > > There is no need to refuse a connection from an incorrectly configured > client if that client has it's IP address (not hostname) explicitly listed > in the .rhosts file. > > Refusing service solely because of DNS problems is bad. Refusing to > *trust* DNS if there is a problem is much better. The logging should > switch to IP addresses if there is any doubt about the DNS integrity. > > Cheers, > -Peter > > > > I looked through the ruserok() and iruserok() code. You are indeed correct. I stand corrected. I suppose that the -a option in rshd should also be deprecated. Wietse Venema's comments about BSD-style "paranoid" checks in BUGTRAQ are false. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Open Systems Group Internet: cschuber@uumail.gov.bc.ca ITSD Cy.Schubert@gems8.gov.bc.ca Government of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message