flaw in RLOGIN protocol?

Roy Smith roy at phri.UUCP
Tue Dec 6 02:21:19 AEST 1988


rsm at amethyst.ma.arizona.edu (Robert Maier) writes:
> I recently dug into the BSD4.3 versions of rlogin.c and rlogind.c, and
> among other things figured out the (undocumented?) RLOGIN protocol.

	How is rlogin broken?  Let me count the ways.  First off, there is
no documentation of the protocol.  Some camps claim that the Berkeley folks
who wrote it intended it more as a quick hack and a demonstration of what
you could do with the 4.2 networking code than as a real product and hence
didn't document it; they felt that if they documented it, too many people
would start to use it.  Unfortunately, it's too late now.

	Second, it depends on out-of-band signaling, which itself is
completely broken in both 4.2 and 4.3 systems.  Not only does it depend on
OOB, but as Robert stated, it ALSO uses in-band non-escapable magic cookies
to pass some information.  The worst of both worlds.

	Lastly, it's Unix-specific, depending on rexec (rsh) to work.  I
suspect it would be very hard to build a rlogin server on a non-Unix
system.  I have, over the years, made several serious attempts to build my
own rlogin client.  Every attempt has failed, mostly because OOB doesn't
work properly.  Or rather, the way it works is poorly documented and even
after you figure out exactly what it is doing (i.e. marking BOTH sides of
the urgent data mark) it is counter-intuitive and so difficult to program
around that it is essentially unusable.
-- 
Roy Smith, System Administrator
Public Health Research Institute
{allegra,philabs,cmcl2,rutgers}!phri!roy -or- phri!roy at uunet.uu.net
"The connector is the network"
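
The in-band "magic cookie" problem mentioned in the post, as an added example that is not part of the original message and is not code from rlogind.c. It assumes the window-size cookie layout later written down in RFC 1282; filter_client_stream, struct winsz and the sample bytes are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Cookie layout as later written down in RFC 1282 (assumed here; the post
 * does not give it): 0xFF 0xFF 's' 's', then rows, cols, xpixels, ypixels
 * as 16-bit big-endian values, 12 bytes in all. */
#define COOKIE_LEN 12
struct winsz { uint16_t rows, cols, xpix, ypix; };

static uint16_t be16(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Hypothetical server-side filter (not rlogind's code): copies client bytes
 * to out, strips each cookie and records it in *ws. Returns bytes kept.
 * Nothing escapes the magic, so matching payload bytes ARE a cookie. */
size_t filter_client_stream(const unsigned char *in, size_t n,
                            unsigned char *out, struct winsz *ws, int *cookies)
{
    size_t i = 0, o = 0;
    *cookies = 0;
    while (i < n) {
        if (n - i >= COOKIE_LEN && in[i] == 0xFF && in[i + 1] == 0xFF &&
            in[i + 2] == 's' && in[i + 3] == 's') {
            ws->rows = be16(in + i + 4);
            ws->cols = be16(in + i + 6);
            ws->xpix = be16(in + i + 8);
            ws->ypix = be16(in + i + 10);
            (*cookies)++;
            i += COOKIE_LEN;      /* these bytes never reach the pty */
        } else {
            out[o++] = in[i++];
        }
    }
    return o;
}

/* Constructed sample: 16 bytes of ordinary 8-bit user data in which four
 * bytes happen to equal the magic. No window change was intended. */
static const unsigned char user_data[16] = {
    'A','B', 0xFF,0xFF,'s','s', '1','2','3','4','5','6','7','8', 'C','D' };

int main(void)
{
    struct winsz ws = {0, 0, 0, 0}; unsigned char out[16]; int c;
    size_t kept = filter_client_stream(user_data, sizeof user_data, out, &ws, &c);
    printf("kept %zu of 16 bytes, cookies=%d, rows=%u cols=%u\n",
           kept, c, (unsigned)ws.rows, (unsigned)ws.cols);
    return 0;
}
```

Twelve of the sixteen user bytes are consumed as a window-size change and the terminal is resized to values taken from the payload, which is the cost of a cookie with no escape sequence.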


