On on, again
steve at umiacs.umd.edu
steve at umiacs.umd.edu
Tue Nov 21 23:26:58 AEST 1989
I don't think that the modification to make rexd get the hostname of the
invoker and check for it in hosts.equiv (and, presumably, .rhosts) makes
on and rexd as secure as rsh/rlogin. I think -- though I am admittedly
not sure, not having read the sources recently -- that one can fake up the
RPC authentication junk for 'on', then send from any port, not just the
ones below 1024. That means that you don't even have to be root to break
into someone's machine.
Given the number of PCs with IP these days, and given L1-A, the
distinction is perhaps minor. Oh, for 4.4BSD and a much better security
model...
More information about the Comp.sys.sun
mailing list