Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 23 Nov 1996 08:30:08 -0800 (PST)
From:      Skip Watson <ciaran@aldhfn.aldhfn.org>
To:        freebsd-bugs
Subject:   Re: bin/2092: rlogind not using passwords 
Message-ID:  <199611231630.IAA01534@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The following reply was made to PR bin/2092; it has been noted by GNATS.

From: Skip Watson <ciaran@aldhfn.aldhfn.org>
To: Poul-Henning Kamp <phk@critter.tfs.com>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: bin/2092: rlogind not using passwords 
Date: Sat, 23 Nov 1996 11:20:16 -0500 (EST)

 On Sat, 23 Nov 1996, Poul-Henning Kamp wrote:
 
 > >>How-To-Repeat:
 > >
 > >	It happens all of the time. There's nothing special that needs to be 
 > >done.
 > 
 > Please take a peek in the manpage for ruserok() and see if you didn't
 > overlook something...
 
 From the man page (but you know this ;-)).
 ------------
      The iruserok() and ruserok() functions take a remote host's IP address or
      name, as returned by the gethostbyname(3) routines, two user names and a
      flag indicating whether the local user's name is that of the super-user.
      Then, if the user is NOT the super-user, it checks the /etc/hosts.equiv
      file.  If that lookup is not done, or is unsuccessful, the .rhosts in the
      local user's home directory is checked to see if the request for service
      is allowed.
      If this file does not exist, is not a regular file, is owned by anyone
      other than the user or the super-user, or is writeable by anyone other
      than the owner, the check automatically fails.  Zero is returned if the
      machine name is listed in the ``hosts.equiv'' file, or the host and re-
      mote user name are found in the ``.rhosts'' file; otherwise iruserok()
      and ruserok() return -1.  If the local domain (as obtained from
      gethostname(2))  is the same as the remote domain, only the machine name
      need be specified.
 -----------
 	The user is not the super-user. The remote site is not in 
 /etc/hosts.equiv and the user has no .rhosts file. It should fail.
 
 	I'm not a programmer so I can't go in and check things :-(.
 	I did install tcp_wrapper to see if that made any difference. For what 
 it is worth, it didn't.
  
 Skip
 --
 Auldhaefen Online Services		automated info: info@aldhfn.org
 330 745-9380 voice			     questions: support@aldhfn.org
 330 753-8791 bbs/fax			        person: ciaran@aldhfn.org
 330 745-7624 data		                   WWW: http://www.ald.net

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611231630.IAA01534>