Date: Mon, 28 Jul 1997 21:39:39 -0700 (PDT) From: Jan Koum <jkb@best.com> To: Annelise Anderson <andrsn@andrsn.stanford.edu> Cc: John Preisler <john@helium.vapornet.com>, security@FreeBSD.ORG Subject: Re: security hole in FreeBSD Message-ID: <Pine.BSF.3.96.970728213147.13313F-100000@shell6.ba.best.com> In-Reply-To: <Pine.BSF.3.96.970728204037.22919B-100000@andrsn.stanford.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Well, yes and no. Yes: FreeBSD installs dot.rhosts in /usr/share/skel where by default new dot.files come from into user directories. Of course, most (some?) of people change the files in the directory or the default directory itself. No: The file doesn't provide any security problems initially since it has '#' at every line and therefor can't be used without further modification. Maybe: There should be no dot.rhosts at all -- that might decrease the ammount of people using it and in return minimize headache to sys admins? Than again, maybe not. Almost positive: Sholdn't this threat be taken off line by now? From what I have seen the break-in has not occured due to the critical and/or unknown bug in the FreeBSD. On Mon, 28 Jul 1997, Annelise Anderson wrote: > >On Mon, 28 Jul 1997, John Preisler wrote: > >> I'm not convinced that FreeBSD installs a /root/.rhosts by default. >> None of my boxes have it. >> >> -jrp > >Neither do mine. > > Annelise > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970728213147.13313F-100000>