Date: Fri, 12 May 2000 13:19:07 -0600 From: Warner Losh <imp@village.org> To: nsayer@freebsd.org Cc: freebsd-hackers@freebsd.org Subject: Re: rexec as root Message-ID: <200005121919.NAA13182@harmony.village.org> In-Reply-To: Your message of "Fri, 12 May 2000 11:19:29 PDT." <391C4B31.4B1DB762@sftw.com> References: <391C4B31.4B1DB762@sftw.com> <391C12B5.E5A2DCD3@quack.kfu.com> <200005121731.LAA12588@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <391C4B31.4B1DB762@sftw.com> Nick Sayer writes: : Warner Losh wrote: : : > [...] In the absense of this : > test, machines in a yp netowrk would be extremely vulnerable to root : > uid penetration when an intruder can hack the yp database, or spoof : > replies. : : Ok. How about adding an rexecd command line flag to disable : that test (with suitable warnings in the man page)? I'd be all for a "make this insanely insecure protocol even more insecure because security doesn't matter to my setup" flag. So long as it isn't default :-) Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005121919.NAA13182>