Date: Wed, 23 Apr 1997 21:45:23 -0400 (EDT)
From: Robert N Watson <rnw@andrew.cmu.edu>
To: Pedro Giffuni <pgiffuni@fps.biblos.unal.edu.co>
Cc: security@freebsd.org
Subject: Re: Possible security hole in 2.2 Release.
Message-ID: <Pine.SUN.3.93l.970423214341.9918A-100000@apriori.cc.cmu.edu>
In-Reply-To: <335E75CF.705E@fps.biblos.unal.edu.co>
My 2.2.1 default dot.rhosts in /usr/share/skel reads as follows:

# $Id: dot.rhosts,v 1.3 1996/09/21 21:35:47 wosch Exp $
#
# .rhosts - trusted remote host name and user data base
#
# see hosts.equiv(5), rsh(1), rlogin(1), rcp(1)
#
# This file should NOT be group or other readable.
# OtherMachine
# OtherMachine myFriend

This doesn't appear to include + +, which certainly would cause the problem you identify :).

BTW, I've read that the "#" at the beginning of the line is a bad idea, as you can persuade a DNS server to pass back "#" as your host name, and spoof your way in. Do the r* service authentication routines ignore # signs, really? :)

----
Robert Watson <rnw+@Andrew.cmu.edu>

On Wed, 23 Apr 1997, Pedro Giffuni wrote:

> Howdy,
> One of my users reported rlogin didn't ask for a password when he tried
> to log from a remote box in another faculty. I haven't had the time to
> check this out (I am sick and at home). The problem was only detected
> from one Solaris box that doesn't have its hostname correctly
> configured.
> The .rhosts files are from the standard distribution and include a line,
> "+ +" that may be causing the problem.
> I closed r* services on this box until I have a chance to check this
> thoroughly.
>
> Pedro.
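The thread turns on two properties of the .rhosts / hosts.equiv format: a "+ +" entry trusts every user on every host, and the skel file's header says the file must not be group or other readable. The following is an added example written for this archive page; it is not code from the thread, from FreeBSD, or from either correspondent. It audits the text of such a file and flags the wildcard entries, and checks a file mode against the header's rule. It assumes the hosts.equiv(5) line grammar `[+-]host [[+-]user]`, and it assumes lines beginning with "#" are comments, which is precisely the question Robert raises about the r* routines, so that assumption is labelled in the code. The sample input is the skel file quoted above plus a few constructed lines; the function names, severities and `Finding` type are this example's own.

```python
"""Audit .rhosts / hosts.equiv content for over-broad trust entries.

Added example, not FreeBSD's or the thread's code.  Assumed grammar
(hosts.equiv(5)): "[+-]host [[+-]user]"; a bare "+" in the host field
matches every host, a bare "+" in the user field matches every user,
and a leading "-" denies.  Lines starting with "#" are assumed to be
comments; whether the real r* routines honour that is the thread's
open question.
"""
import stat
from dataclasses import dataclass

# Constructed sample: the 2.2.1 /usr/share/skel/dot.rhosts quoted in the
# message, followed by lines added here to show what the checker flags.
SAMPLE_RHOSTS = """\
# $Id: dot.rhosts,v 1.3 1996/09/21 21:35:47 wosch Exp $
#
# .rhosts - trusted remote host name and user data base
#
# see hosts.equiv(5), rsh(1), rlogin(1), rcp(1)
#
# This file should NOT be group or other readable.
# OtherMachine
# OtherMachine myFriend
OtherMachine myFriend
+ +
+
OtherMachine +
-badhost.example.invalid
"""


@dataclass
class Finding:
    lineno: int
    line: str
    severity: str
    reason: str


def audit_rhosts(text):
    """Return one Finding per entry that widens trust beyond a named pair."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank, or a comment (assumption: parser skips '#')
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        if host.startswith("-") or (user and user.startswith("-")):
            continue  # deny entries narrow trust; nothing to flag
        if host == "+" and user == "+":
            findings.append(Finding(lineno, line, "critical",
                "any user on any host may log in without a password"))
        elif host == "+":
            who = user or "the same account name"
            findings.append(Finding(lineno, line, "high",
                f"every host is trusted for {who}"))
        elif user == "+":
            findings.append(Finding(lineno, line, "high",
                f"every user on {host} is trusted"))
    return findings


def mode_is_too_open(mode):
    """True if any group/other bit is set (the skel header's own rule)."""
    return bool(mode & (stat.S_IRWXG | stat.S_IRWXO))


if __name__ == "__main__":
    for f in audit_rhosts(SAMPLE_RHOSTS):
        print(f"line {f.lineno} [{f.severity}] {f.line!r}: {f.reason}")
    print("0644 too open:", mode_is_too_open(0o644))
```

Run against the sample, the checker reports the "+ +", bare "+" and "OtherMachine +" lines and stays silent on the commented skel entries and the deny line. A deny entry is skipped rather than reported because it only ever removes trust; a checker that wants to be pessimistic about the "#" question can drop the comment test and see those skel lines surface as host entries named "#".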