Xref: sserve comp.unix.bsd:14574 comp.security.unix:6756
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!msuinfo!agate!dog.ee.lbl.gov!news.cs.utah.edu!u.cc.utah.edu!cs.weber.edu!terry
From: terry@cs.weber.edu (Terry Lambert)
Newsgroups: comp.unix.bsd,comp.security.unix
Subject: Re: rlogind decrements port numbers -- why?
Date: 15 Aug 1994 23:48:04 GMT
Organization: Weber State University, Ogden, UT
Lines: 47
Message-ID: <32ourk$duh@u.cc.utah.edu>
References: <32o6qu$fdj@spruce.cic.net>
NNTP-Posting-Host: cs.weber.edu

In article <32o6qu$fdj@spruce.cic.net> pauls@locust.cic.net (Paul Southworth) writes:
] It appears that the return port for rlogin data is assigned starting at
] 1023 and goes down from there for each subsequent connection to rlogind.
] Why is that? And why is it the opposite of telnet? What would be the
] ramification of having the rlogin data ports assigned in the unprivileged
] range (above 1024) and incremented instead of decremented? Is there
] some difference between rlogin and telnet that requires rlogin data ports
] to be in the privileged range?

Look up "vouchsafe" in your computer dictionary!

Your telnet works by requiring you to login on the remote system; that is, the remote system's authentication mechanism is enforcing the security.

Your rlogin, on the other hand, if set up correctly will vouchsafe you to the remote system... that is:

1) You are logged onto a system
2) You are considered a valid user on that system
3) The remote system is "willing to take the word" of your system that you are who it says you are.

The way this works is that unless you are root, you are not permitted to grab a "reserved port" -- that is, a port in the range 1-1023. This assumes that, unless you are root, you can't fake your identity on the local system. By virtue of the fact you are coming from a reserved port, your system is vouching that you are who it says you are.

Then it is up to the remote system to decide if it trusts your system or not (look at the ruserok() manual page). You may also want to check out the RFCs relevant to the rlogin/rcmd protocol.

In a vouchsafed environment, all of the systems are only as secure as the least secure system. Unless you also run TCPWrappers and/or IPFilter. 8-).

Regards,
Terry Lambert
terry@cs.weber.edu
---
Any opinions in this posting are my own and not those of my present or previous employers.
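The two-step trust decision Terry describes (reserved source port, then a ruserok()-style hosts.equiv lookup), as an added example that is not part of the post and not the BSD rlogind source. The hosts.equiv semantics are simplified, and every hostname and user name is constructed for illustration.

```c
/* Simplified model of the trust decision rlogind delegates to ruserok().
 * Added example, not BSD code; the hosts.equiv text and peers are constructed. */
#include <stdio.h>
#include <string.h>
#include <netinet/in.h>          /* IPPORT_RESERVED == 1024 */

/* Step 1: the connection must come from a reserved port (1-1023). Only root
 * can bind one, so the peer system is "vouching" for the user it names. */
int from_reserved_port(unsigned short port)
{
    return port > 0 && port < IPPORT_RESERVED;
}

/* Step 2: minimal hosts.equiv lookup (simplified from ruserok()):
 *   "host"       any user on host may log in under the same user name
 *   "host user"  that remote user may log in as the local user
 *   "-host"      host is explicitly refused, whatever follows */
int hosts_equiv_ok(const char *equiv, const char *host,
                   const char *ruser, const char *luser)
{
    char line[256], h[128], u[128];
    while (*equiv) {
        size_t n = strcspn(equiv, "\n");
        if (n >= sizeof line) n = sizeof line - 1;
        memcpy(line, equiv, n);
        line[n] = '\0';
        equiv += n + (equiv[n] == '\n');      /* advance past the newline, if any */
        u[0] = '\0';
        if (sscanf(line, "%127s %127s", h, u) < 1) continue;   /* blank line */
        int deny = (h[0] == '-');
        if (strcmp(deny ? h + 1 : h, host) != 0) continue;
        if (deny) return 0;
        return u[0] ? strcmp(u, ruser) == 0 : strcmp(ruser, luser) == 0;
    }
    return 0;                                 /* no matching entry: not trusted */
}

/* The combined decision. Nothing here verifies the remote *user*: the server
 * checks the port and the host name, then takes the peer system's word. */
int rlogin_trusts(const char *equiv, const char *host, unsigned short port,
                  const char *ruser, const char *luser)
{
    return from_reserved_port(port) && hosts_equiv_ok(equiv, host, ruser, luser);
}

int main(void)
{
    const char *equiv = "trusted.example\n-lab-pc.example\nother.example paul\n";
    printf("%d\n", rlogin_trusts(equiv, "trusted.example", 1023, "paul", "paul")); /* 1 */
    printf("%d\n", rlogin_trusts(equiv, "trusted.example", 4000, "paul", "paul")); /* 0 */
    printf("%d\n", rlogin_trusts(equiv, "lab-pc.example", 1022, "paul", "paul"));  /* 0 */
    return 0;
}
```

The second and third cases show the two ways the check fails closed: an unprivileged source port, and a host the administrator has explicitly refused; any host whose root (or whose single-user OS) can bind a low port still passes the first step, which is the "least secure system" point above.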