From owner-freebsd-hackers Sun Nov 9 23:21:48 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id XAA09527 for hackers-outgoing; Sun, 9 Nov 1997 23:21:48 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id XAA09517 for ; Sun, 9 Nov 1997 23:21:44 -0800 (PST) (envelope-from j@uriah.heep.sax.de) Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id IAA07671 for hackers@FreeBSD.ORG; Mon, 10 Nov 1997 08:20:55 +0100 Received: (from j@localhost) by uriah.heep.sax.de (8.8.7/8.8.5) id IAA03511; Mon, 10 Nov 1997 08:13:53 +0100 (MET) Message-ID: <19971110081352.JL61976@uriah.heep.sax.de> Date: Mon, 10 Nov 1997 08:13:52 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: hackers@FreeBSD.ORG Subject: Re: How useful is this patch? References: <19971109162421.IH64390@uriah.heep.sax.de> <199711092315.PAA27471@implode.root.com> X-Mailer: Mutt 0.60_p2-3,5,8-9 Mime-Version: 1.0 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) In-Reply-To: <199711092315.PAA27471@implode.root.com>; from David Greenman on Nov 9, 1997 15:15:10 -0800 Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk As David Greenman wrote: > >Problem: you can cause someone else a DoS attack by maliciously > >filling his home directory. > You could also create a .rhosts file, allowing anyone to log in > as the user. Anybody enabling it on his $HOME must be insane. But i can see some value for it e.g. for a $HOME/kitchensink directory (which should, of course, not be in his $PATH either :). iruserok(3) should check the permissions of $HOME, and ignore an .rhosts iff $HOME is writable by anyone else than the owner. -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)