Re: Capabilities

From: David Lang (dlang@diginsite.com)
Date: Mon Feb 14 2000 - 18:35:45 EST


Sorry, I have heard this one too many times. People say "turn off the r
commands and install ssh/kerberos, but make sure that I can still have
automatic authentication between machines so that programs can run without
human intervention".

The problem with this is that once someone gets onto one of these machines
they still have access to the other machines; it doesn't matter if you are
using rsh, ssh, or something else (and if you use ssh you pay a
significant penalty due to encryption overhead). If you have machines on
your server network that you do not maintain in a secure manner, nothing
you do will work. If you do work to keep them secure (and have intrusion
detection to help you discover when you fail) then using the r commands is
not NECESSARILY a security hole.

David Lang

On Fri, 11 Feb 2000, Theodore Y. Ts'o wrote:

> From: pjb1008@cam.ac.uk (Peter Benie)
> Date: Fri, 11 Feb 2000 09:35:58 +0000
>
> > Anyone who doesn't disable or severely restrict the r-commands is begging
> > for trouble: *they* are the security holes here, not CNBS.
>
> I wish people would keep repeating that argument. There are plenty of
> environments where the r-utilities are perfectly safe, such as between
> hosts in a machine room, where the room has a lock, a burglar alarm,
> and random people can't just plug PCs into the network.
>
> No, random people will just break into the RedHat 5.1 (or Slackware 4.x)
> system sitting in the back of the machine room (forgotten, but plugged
> into the network) and then run a sniffer. In that case, the lock and
> the burglar alarm don't save you. If you're connected to the outside
> network, you're vulnerable. Even if you have a firewall, you may be
> vulnerable (firewalls have been known to screw up).
>
> It's best to assume that the r-utilities are *always* dangerous, and use
> ssh or Kerberos all the time. That way, when someone breaks into one of
> your machines on the network, all of the machines on your network aren't
> screwed.
>
> Defense in depth.... it's the only way to be sure.
>
> - Ted
>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Feb 15 2000 - 21:00:27 EST