[buug] rlogin

[Rick Moen]

Quoting John Landahl (john at landahl.org):

> Ideally both actions are necessary, in case someone (or something) turns on 
> rshd/rlogind at some point.

At one point, I do remember hacking adduser to automatically create a
root-owned, zero-length ~/.rhosts , just on this theory.

> Even better would be to remove the r* tools from the system altogether
> so that isn't even possible.

These days, I do omit the daemon tools.  If a user wishes to compromise
some _other_ system's security, I'm not going to stop him.

-- 
Cheers,                                Before enlightenment, caffeine.
Rick Moen                              After enlightenment, caffeine.
rick at linuxmafia.com