Bugtraq mailing list archives

Re: ruserok() & /etc/hosts.equiv


From: walkera () druggist gg caltech edu (Walker Aumann)
Date: Mon, 02 May 1994 21:28:35 PDT


Big Bad Jon <jsz () netsys com> responds:
Define what you meant by ``ruserok denies access'' --

A '+' is supposed to allow any user from any host, and it doesn't.

As far as I can tell, the ruserok() function, which is
defined in the rcmd.o module of libc, returns a ``0'' if
the machine name is listed in the ``hosts.equiv'' file
or the host and remote user name are found in the ``.rhosts''
file; otherwise it just returns a ``-1'', so having a ``+''
in /etc/hosts.equiv means that ruserok in fact does NOT deny access.

A '+' in my hosts.equiv file makes the routine return -1, regardless of
.rhosts.  While this is more secure than the expected behavior, I don't
consider it correct behavior.  Then again, really correct behavior wouldn't
include calling this function in the first place.

Walker
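
An added example, not part of the original post: since the thread shows that the effect of a '+' entry depends on the libc's ruserok(), an audit that flags such entries in hosts.equiv or .rhosts style files avoids relying on either behavior. The line layout ("host [user]", "#" comments), the function names and the sample contents are assumptions constructed for illustration.

```python
# Added example: flag '+' wildcard entries in hosts.equiv / .rhosts style text.
# Assumed layout: one entry per line, "host [user]", '#' starts a comment.

def classify(line):
    """Return a list of findings for one line (empty if nothing is flagged)."""
    fields = line.split("#", 1)[0].split()
    if not fields:
        return []                      # blank line or comment only
    host = fields[0]
    user = fields[1] if len(fields) > 1 else None
    findings = []
    if host == "+":
        findings.append("wildcard host: entry matches every remote host")
    if user == "+":
        findings.append("wildcard user: entry matches every remote user")
    return findings

def audit(text):
    """Return (line_number, entry, findings) for each flagged line."""
    results = []
    for number, line in enumerate(text.splitlines(), start=1):
        findings = classify(line)
        if findings:
            results.append((number, line.strip(), findings))
    return results

# Constructed sample contents, not taken from any real system.
SAMPLE = "\n".join([
    "# constructed sample",
    "trusted.example.com",
    "+",
    "backup.example.com +",
    "+ +",
    "-untrusted.example.com",
    "build.example.com alice  # named user only",
])

if __name__ == "__main__":
    for number, entry, findings in audit(SAMPLE):
        for finding in findings:
            print(f"line {number}: {entry!r}: {finding}")
```

Any flagged line should be replaced with explicit host and user names, or removed, rather than left to whatever the installed ruserok() does with it.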


