Date: Mon, 10 Nov 1997 08:13:52 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: hackers@FreeBSD.ORG Subject: Re: How useful is this patch? Message-ID: <19971110081352.JL61976@uriah.heep.sax.de> In-Reply-To: <199711092315.PAA27471@implode.root.com>; from David Greenman on Nov 9, 1997 15:15:10 -0800 References: <19971109162421.IH64390@uriah.heep.sax.de> <199711092315.PAA27471@implode.root.com>
next in thread | previous in thread | raw e-mail | index | archive | help
As David Greenman wrote: > >Problem: you can cause someone else a DoS attack by maliciously > >filling his home directory. > You could also create a .rhosts file, allowing anyone to log in > as the user. Anybody enabling it on his $HOME must be insane. But i can see some value for it e.g. for a $HOME/kitchensink directory (which should, of course, not be in his $PATH either :). iruserok(3) should check the permissions of $HOME, and ignore an .rhosts iff $HOME is writable by anyone else than the owner. -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19971110081352.JL61976>