Date: Mon, 20 Nov 1995 11:23:39 +0800 (WST) From: Peter Wemm <peter@jhome.DIALix.COM> To: Terry Lambert <terry@lambert.org> Cc: current@FreeBSD.ORG Subject: Re: rlogind wont allow root without password... rshd will. Message-ID: <Pine.BSF.3.91.951120111343.28345A-100000@jhome.DIALix.COM> In-Reply-To: <199511192300.QAA01780@phaeton.artisoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 19 Nov 1995, Terry Lambert wrote: > > As root: > > I can do "rsh freebsdmachine sh -i" and get a root shell. > > I cannot do a "rlogin freebsdmachine" - it asks for a password. > > > > I think this is a futile attempt at "security-through-inconvenience" > > (worse than the infamous security-through-obscurity) as it achieves > > nothing but force people to use the non-wtmp-logged facility. > > You have convinced me. Someone needs to fix rsh so that the attempt > is not futile. Root access should require an explicit .rhosts; the > rlogin is failing correctly, apparently in a hosts.equiv case? rshd is working perfectly.. It is correctly ignoring hosts.equiv (via iruserok() etc in libc) but is allowing explicit configuration in the .rhosts file of root. > You haven't really documented the environment that allows the rsh to > succeed so that it can be fixed... rlogind is what I'm complaining about. It wont let me do something that I consider to be safer than having plaintext root passwords going over the network... This is what I want to change: Index: rlogind.c =================================================================== RCS file: /home/ncvs/src/libexec/rlogind/rlogind.c,v retrieving revision 1.5 diff -u -5 -r1.5 rlogind.c --- rlogind.c 1995/10/15 03:40:57 1.5 +++ rlogind.c 1995/11/20 03:19:24 @@ -585,14 +585,13 @@ getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long"); pwd = getpwnam(lusername); if (pwd == NULL) return (-1); - if (pwd->pw_uid == 0) - return (-1); /* XXX why don't we syslog() failure? */ - return (iruserok(dest->sin_addr.s_addr, 0, rusername, lusername)); + return (iruserok(dest->sin_addr.s_addr, pwd->pw_uid == 0, + rusername, lusername)); } void getstr(buf, cnt, errmsg) char *buf; iruserok() is what is reponsible for the additional restrictions for root logins... The environment that I'm complaining about: on the server: root has /root as a home directory there is a /root/.rhosts file listing "client root" on the client, as root: rsh server sh -i works. rlogin server always asks for a plaintext password due to the above. Cheers, -Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.951120111343.28345A-100000>