Bugtraq mailing list archives

Re: Fix for Linux/AIX login hole


From: perry () imsi com (Perry E. Metzger)
Date: Tue, 24 May 1994 07:27:21 -0400


H Morrow Long says:
> Of course this is no substitute for the IBM emergency patch which should
> be installed as well.  I do recommend removing the ability to rlogin to
> a root account.  There is no valid reason for root to be able to rlogin
> (well there might be a few but they are not as powerful as the arguments
> against).  /bin/su is the preferred method of becoming root and you can
> still telnet in and login on the console as root (I would encourage you
> to turn off the ability to telnet in and login as root as well, but...).

And what happens one morning when NIS stops working, or NFS starts
hanging, and you cannot log in as any user BUT root? Yes, this
happens.

Of course, the real answer is to kerberize all access to your machine, but...

Perry


