Date: Sat, 23 Nov 1996 08:30:08 -0800 (PST)
From: Skip Watson <ciaran@aldhfn.aldhfn.org>
To: freebsd-bugs
Subject: Re: bin/2092: rlogind not using passwords
Message-ID: <199611231630.IAA01534@freefall.freebsd.org>
The following reply was made to PR bin/2092; it has been noted by GNATS.
From: Skip Watson <ciaran@aldhfn.aldhfn.org>
To: Poul-Henning Kamp <phk@critter.tfs.com>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: bin/2092: rlogind not using passwords
Date: Sat, 23 Nov 1996 11:20:16 -0500 (EST)
On Sat, 23 Nov 1996, Poul-Henning Kamp wrote:
> >>How-To-Repeat:
> >
> > It happens all of the time. There's nothing special that needs to be
> >done.
>
> Please take a peek in the manpage for ruserok() and see if you didn't
> overlook something...
From the man page (but you know this ;-)).
------------
The iruserok() and ruserok() functions take a remote host's IP address or
name, as returned by the gethostbyname(3) routines, two user names and a
flag indicating whether the local user's name is that of the super-user.
Then, if the user is NOT the super-user, it checks the /etc/hosts.equiv
file. If that lookup is not done, or is unsuccessful, the .rhosts in the
local user's home directory is checked to see if the request for service
is allowed.
If this file does not exist, is not a regular file, is owned by anyone
other than the user or the super-user, or is writeable by anyone other
than the owner, the check automatically fails. Zero is returned if the
machine name is listed in the ``hosts.equiv'' file, or the host and remote
user name are found in the ``.rhosts'' file; otherwise iruserok()
and ruserok() return -1. If the local domain (as obtained from
gethostname(2)) is the same as the remote domain, only the machine name
need be specified.
-----------
The user is not the super-user. The remote site is not in
/etc/hosts.equiv and the user has no .rhosts file. It should fail.
I'm not a programmer so I can't go in and check things :-(.
I did install tcp_wrapper to see if that made any difference. For what
it is worth, it didn't.
Skip
--
Auldhaefen Online Services automated info: info@aldhfn.org
330 745-9380 voice questions: support@aldhfn.org
330 753-8791 bbs/fax person: ciaran@aldhfn.org
330 745-7624 data WWW: http://www.ald.net
