Hi!
> > | If you can bind to low numbered ports, you can fake credentials for
> > | rsh or rlogin. From there, you can get to root on many machines
**************************************************************************
> > I can do that from a Windows PC, if necessary spoofing packets from a
> > legitimate host. So?
> >
> > Anyone who doesn't disable or severely restrict the r-commands is begging
> > for trouble: *they* are the security holes here, not CNBS.
>
> I wish people would keep repeating that argument. There are plenty of
> environments where the r-utilities are perfectly safe, such as between
> hosts in a machine room, where the room has a lock, a burglar alarm,
> and random people can't just plug PCs into the network.
Ok, but in many other environments r* utilites are not okay, and as a
nice consequence being able to bind low port is not automaticaly
equivalent to root compromise.
Pavel
-- I'm pavel@ucw.cz. "In my country we have almost anarchy and I don't care." Panos Katsaloulis describing me w.r.t. patents me at discuss@linmodems.org- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:23 EST