From owner-freebsd-hackers Fri May 12 7:18:38 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from quack.kfu.com (quack.kfu.com [170.1.70.2]) by hub.freebsd.org (Postfix) with ESMTP id B6E5F37B696 for ; Fri, 12 May 2000 07:18:35 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Received: from icarus.kfu.com (icarus.kfu.com [170.1.70.37]) by quack.kfu.com (8.9.2/8.9.3) with ESMTP id HAA07658 for ; Fri, 12 May 2000 07:18:30 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Received: from quack.kfu.com by icarus.kfu.com with ESMTP (8.9.3//ident-1.0) id HAA72551; Fri, 12 May 2000 07:18:29 -0700 (PDT) Message-ID: <391C12B5.E5A2DCD3@quack.kfu.com> Date: Fri, 12 May 2000 07:18:29 -0700 From: Nick Sayer X-Mailer: Mozilla 4.72 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: hackers@freebsd.org Subject: rexec as root Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I would like to gather some opinions in regards to _very slightly_ backing off on rexec's security. rexec makes the following checks, and refuses to allow usage if any are true: uid == 0 password is blank user is in /etc/ftpusers I put it to everyone that the first and third checks are equivalent and redundant. Moreover, since the first check can be done by the third check (and is at install time by default) without recompiling rexecd, removing the first check results in no real loss of security, while slightly increasing flexibility for those who have some need for it. Yes, the r commands are deprecated. But they are still there, and I am all for allowing the administrator to decide to override defaults rather than forcing them to alter the source and recompile it. Comments? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message