[buug] rlogin
Rick Moen
rick at linuxmafia.com
Fri Nov 22 13:51:48 PST 2002
Quoting John Landahl (john at landahl.org):
> Ideally both actions are necessary, in case someone (or something) turns on
> rshd/rlogind at some point.
At one point, I do remember hacking adduser to automatically create a
root-owned, zero-length ~/.rhosts , just on this theory.
> Even better would be to remove the r* tools from the system altogether
> so that isn't even possible.
These days, I do omit the daemon tools. If a user wishes to compromise
some _other_ system's security, I'm not going to stop him.
--
Cheers, Before enlightenment, caffeine.
Rick Moen After enlightenment, caffeine.
rick at linuxmafia.com
More information about the buug
mailing list