Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.mira.net.au!news.vbc.net!samba.rahul.net!rahul.net!a2i!news.PBI.net!news.mathworks.com!newsfeed.internetmci.com!netnews.nwnet.net!nwnet.net!not-for-mail From: aad@nwnet.net (Anthony Talltree) Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: Rdist Date: 16 Oct 1996 17:40:02 -0700 Organization: NorthWestNet, Bellevue, WA, USA, Earth Lines: 10 Message-ID: <543v92$o7f@olympus.nwnet.net> References: <325F07C9.6DC0@lynx.bc.ca> <53pocr$8ov@nntp.igs.net> Reply-To: aad@nwnet.net NNTP-Posting-Host: olympus.nwnet.net >If someone sees a glaring security hole in this; let me know) Plain .rhosts authentication can be broken by spoofing the remote IP address. Ultrix, for example, requires that hosts in .rhosts files be in /etc/hosts, and does not interpret # as a comment character in .rhosts. Use rdist 6.1.2+, and use SSH as the transport instead of rexec().