MacX and Ultrix 4.0
Barry Margolin
barmar at think.com
Sat Mar 2 17:13:26 AEST 1991
In article <JTKOHL.91Mar1145729 at quicksilver.MIT.EDU> jtkohl at MIT.EDU (John T Kohl) writes:
>Flame the vendor of MacX for using rexecd. rexecd is an ancient daemon
>which asks for username and password in cleartext. Using it on an open
>network is not advisable.
>[rshd is slightly better, in that it doesn't let you type a password,
>but it does rely on IP addresses. They can be forged, but it takes more
>work than it does to steal a password.]
Rexec uses a cleartext password, so that's out.
Rsh relies on knowing that a particular host is reasonably secure, so
that's out for personal computer clients.
What other widely-implemented remote execution protocol is there that MacX
should have used instead? MacX is supposed to be install-and-go, so any
solution that involves installing a Kerberized rshd is out.
--
Barry Margolin, Thinking Machines Corp.
barmar at think.com
{uunet,harvard}!think!barmar
More information about the Comp.unix.ultrix
mailing list