From owner-freebsd-security  Mon Jul 28 21:13:00 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id VAA05909
          for security-outgoing; Mon, 28 Jul 1997 21:13:00 -0700 (PDT)
Received: from mail.MCESTATE.COM (vince@mail.MCESTATE.COM [207.211.200.50])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA05904
          for <security@freebsd.org>; Mon, 28 Jul 1997 21:12:57 -0700 (PDT)
Received: from localhost (vince@localhost)
	by mail.MCESTATE.COM (8.8.5/8.8.5) with SMTP id VAA08131;
	Mon, 28 Jul 1997 21:12:45 -0700 (PDT)
Date: Mon, 28 Jul 1997 21:12:44 -0700 (PDT)
From: Vincent Poy <vince@mail.MCESTATE.COM>
To: Nate Williams <nate@mt.sri.com>
cc: "Jonathan A. Zdziarski" <jonz@netrail.net>, security@freebsd.org,
        JbHunt <johnnyu@accessus.net>, "[Mario1-]" <mario1@PrimeNet.Com>
Subject: Re: security hole in FreeBSD
In-Reply-To: <199707290409.WAA10250@rocky.mt.sri.com>
Message-ID: <Pine.BSF.3.95.970728211109.3844i-100000@mail.MCESTATE.COM>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 28 Jul 1997, Nate Williams wrote:

=)Vincent Poy writes:
=)> 	Apparently FreeBSD ships with .rhosts in the root account.
=)
=)Apparently you've yet to find a clue.  Go rub yourself with clue juice,
=)and dance the clue dance, and maybe you'll get one.

	Nothing is unhackable.  and the hacker did say it was the .rhosts
file along with perl5.00401 that did it.  Nothing is foolproof.


Cheers,
Vince - vince@MCESTATE.COM - vince@GAIANET.NET           ________   __ ____ 
Unix Networking Operations - FreeBSD-Real Unix for Free / / / / |  / |[__  ]
GaiaNet Corporation - M & C Estate                     / / / /  | /  | __] ]  
Beverly Hills, California USA 90210                   / / / / / |/ / | __] ]
HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]