From owner-freebsd-stable@FreeBSD.ORG Fri Mar 19 03:56:34 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6700116A501 for ; Fri, 19 Mar 2004 03:56:33 -0800 (PST) Received: from pcwin002.win.tue.nl (pcwin002.win.tue.nl [131.155.71.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACF7E43D2D for ; Fri, 19 Mar 2004 03:56:32 -0800 (PST) (envelope-from stijn@pcwin002.win.tue.nl) Received: from pcwin002.win.tue.nl (orb_rules@localhost [127.0.0.1]) by pcwin002.win.tue.nl (8.12.11/8.12.11) with ESMTP id i2JBur5K092958; Fri, 19 Mar 2004 12:56:53 +0100 (CET) (envelope-from stijn@pcwin002.win.tue.nl) Received: (from stijn@localhost) by pcwin002.win.tue.nl (8.12.11/8.12.11/Submit) id i2JBurMx092957; Fri, 19 Mar 2004 12:56:53 +0100 (CET) (envelope-from stijn) Date: Fri, 19 Mar 2004 12:56:53 +0100 From: Stijn Hoop To: Rob Message-ID: <20040319115653.GG77036@pcwin002.win.tue.nl> References: <405AD53B.4050207@users.sourceforge.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="JWEK1jqKZ6MHAcjA" Content-Disposition: inline In-Reply-To: <405AD53B.4050207@users.sourceforge.net> User-Agent: Mutt/1.4.2.1i X-Bright-Idea: Let's abolish HTML mail! cc: freebsd-stable@freebsd.org Subject: Re: /etc/login.access suspicious statement X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Mar 2004 11:56:34 -0000 --JWEK1jqKZ6MHAcjA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Mar 19, 2004 at 08:10:51PM +0900, Rob wrote: > In /etc/login.access I find these lines: >=20 > # Disallow non-local logins to privileged accounts (group wheel). > # > #-:wheel:ALL EXCEPT LOCAL .win.tue.nl >=20 > What is the ".win.tue.nl" doing here? >=20 > Is somebody at ".win.tue.nl" hoping for an innocent user to uncomment > this and allow login permission to the machine...;)? Well it has suprised me in the past as well, even if I work at .win.tue.nl = :) It boils down to the fact that the author of the tcpwrappers, Wietse Venema, once worked at our department (the Faculty of Mathematics & Computer Science of Eindhoven Technical University). He chose to document his wrappers using his local examples. These are just those examples. But it got me as well -- when I tried to determine what I'd changed locally= a grep of 'win.tue.nl' showed up far more files than I had ever touched :) In any case, for political correctness the examples could be changed to the formal example domain names (example.org iirc). I just don't think anyone w= as bothered enough to do that. HTH, --Stijn (@win.tue.nl :) --=20 "Diane, 2:15 in the afternoon, November 14. Entering town of Twin Peaks. Five miles south of the Canadian border, twelve miles west of the state line. Never seen so many trees in my life. As W.C. Fields would say, I'd rather be here than Philadelphia." -- Special Agent Dale Cooper, "Twin Peaks" --JWEK1jqKZ6MHAcjA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAWuAFY3r/tLQmfWcRAvUlAJ0ZfmYMbVEaDzk6DaOGh8PE9M6h9QCgqvYw PjtkTRFWccKceqN9Wetr+Aw= =yDPQ -----END PGP SIGNATURE----- --JWEK1jqKZ6MHAcjA--