Bugtraq mailing list archives

Re: ruserok() & /etc/hosts.equiv


From: ccdes () ccdes princeton nj us (Carl Corey)
Date: Tue, 3 May 1994 05:12:33 -0500


At 9:28 PM 5/2/94 -0700, Walker Aumann wrote:
> Big Bad Jon <jsz () netsys com> responds:
> > Define what you meant by ``ruserok denies access'' --
>
> A '+' is supposed to allow any user from any host, and it doesn't.


A '+' in my hosts.equiv file makes the routine return -1, regardless of
.rhosts.  While this is more secure than the expected behavior, I don't
consider it correct behavior.  Then again, really correct behavior wouldn't
include calling this function in the first place.

Perhaps Sun broke it on purpose.  Basically, there is no real reason to
trust all hosts, even if you're only on an in-house network.  I guess the
only real proponents of the + in hosts.equiv are crackers, as it doesn't
reveal the host they are using in an obvious way, and it allows them to
change hosts and still access your system.

BTW, this must be a new thing, as I know that early 4.1.x SunOS's came with
a + in hosts.equiv, and it did allow anyone to access the host.  Sadly, I
found this out when scanning my own network and finding a system run by a
VMS guy.

cc
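Not part of Carl's post: an added audit script (written for this page, not from the thread or any vendor) that parses hosts.equiv / .rhosts entries and flags the wildcard '+' trust the thread discusses, so the file itself can be checked instead of relying on a particular ruserok() implementation to refuse it. The sample file content and hostnames are constructed.

```python
"""Audit hosts.equiv / .rhosts content for wildcard trust entries.

Format (hosts.equiv(5)): one entry per line, "HOST [USER]".  HOST or USER may
be "+" (match anything), "-NAME" (explicit deny), or "+@GROUP" / "-@GROUP"
(NIS netgroup).  Text after "#" is a comment.
"""
import sys

# Constructed sample content (not from the post), used when no file is given.
SAMPLE = """# constructed sample hosts.equiv
+                       # trust every host: the entry the thread discusses
trusted.example.com
lab.example.com +       # every account on lab may log in as any local user
-badhost.example.com    # explicit deny, harmless
+@ops                   # NIS netgroup
"""

def parse_entries(text):
    """Yield (host, user) pairs; user is None when the line names only a host."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split(None, 1)
        yield fields[0], (fields[1].strip() if len(fields) > 1 else None)

def audit(text):
    """Return (severity, host, user, reason) tuples for entries that widen trust."""
    findings = []
    for host, user in parse_entries(text):
        if host == "+":
            # A bare "+" trusts every host; "+ +" trusts every user on every host.
            findings.append(("critical", host, user, "wildcard host: any machine is trusted"))
        elif user == "+":
            findings.append(("high", host, user, "wildcard user: every account on that host is trusted"))
        elif host.startswith("+@") or (user or "").startswith("+@"):
            findings.append(("medium", host, user, "netgroup trust: membership is controlled outside this file"))
    return findings

def audit_files(paths):
    """Audit each file on disk; returns {path: findings}."""
    results = {}
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as fh:
            results[path] = audit(fh.read())
    return results

if __name__ == "__main__":
    results = audit_files(sys.argv[1:]) if len(sys.argv) > 1 else {"<sample>": audit(SAMPLE)}
    for path, found in results.items():
        for severity, host, user, reason in found:
            print(f"{path}: {severity}: {host} {user or ''}: {reason}")
```

Run it against /etc/hosts.equiv and each user's ~/.rhosts; any "critical" finding is the trust-all entry the thread warns about and should be removed rather than left for the library to reject.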


