From owner-freebsd-questions  Sun May 13 18:45:46 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55])
	by hub.freebsd.org (Postfix) with ESMTP id EA7D537B43C
	for <freebsd-questions@FreeBSD.ORG>; Sun, 13 May 2001 18:45:43 -0700 (PDT)
	(envelope-from DougB@DougBarton.net)
Received: from DougBarton.net (master [10.0.0.2])
	by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id SAA76838;
	Sun, 13 May 2001 18:45:14 -0700 (PDT)
	(envelope-from DougB@DougBarton.net)
Message-ID: <3AFF38AA.2B86D0DD@DougBarton.net>
Date: Sun, 13 May 2001 18:45:14 -0700
From: Doug Barton <DougB@DougBarton.net>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Mark Sergeant <msergeant@snsonline.net>
Cc: Lim Seng Chor <Lim.Seng.Chor@sit.edu.my>,
	Mike Tancsa <mike@sentex.net>, freebsd-questions@FreeBSD.ORG
Subject: Re: preventing direct root login on telnetd
References: <3AFBF92D.16732.AA3733@localhost> <200105110639.f4B6dVw00660@xyzzy.intranet.snsonline.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Mark Sergeant wrote:
> 
> If you telnet from another machine you are able to log in as root using SRA.
> This has only happened since 4.3-RELEASE.

	The security officer team is aware of the problem and working on a fix. 

Doug
-- 
    I need someone really bad. Are you really bad?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message