Re: AIX rlogind

[mrgreen () mame mu oz au (matthew green)]

> : I've just checked DEC OSF/1 V2.0. This seems to be partially ok. The -froot
> : method won't work (I get complaints about -r, -o, and -t being unknown options
> : which implies its -f option doesn't take an argument). However the -h trick is
> : still available (but is obviously less severe).
>
> I'm not sure it is less severe.  Can't it be used for host spoofing
> when using rlogin - just set up a user of the appropriate name on your
> own host and rlogin -l -htrusted.host ???  (I haven't been able to test
> this yet because I don't have any untrusted hosts handy that can get
> through the log_tcp blocking!)

i believe it is only able to fool utmp/wtmp type things.
using the ``-l -htrusted.host'' hack trashes the -remote-
username you would normally pass.

i may be wrong.