Serious potential security problem. (was Re: BSD tty security, part 3: How to Fix It)
Neil Rickert
rickert at mp.cs.niu.edu
Thu May 2 00:09:53 AEST 1991
Why are we worrying about somebody sneaking in through a tiny crack in the
basement, when the front door is swinging wide open.
I just had the following experience:
I logged into a system (with rlogin). I was not asked for a password.
The following are, I believe, the relevant facts:
The system was a sun 4, running SunOS 4.1
/etc/hosts.equiv contains the infamous '+' line.
The sun is not running yp.
The sun is not running a nameserver.
There is no /etc/resolv.conf
The host from which I logged in is not listed in /etc/hosts or .rhosts
The 'who' command showed the numeric internet address of the host
from which I logged in, not its name.
The host from which I logged in is not on the same network.
Face it. That '+' in hosts.equiv is not safe now, never was safe, probably
never will be safe. As long as vendors insist in this misfeature, TTY
problems seem unimportant by comparison.
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science <rickert at cs.niu.edu>
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
More information about the Comp.unix.wizards
mailing list