Bugtraq mailing list archives

Re: r commands


From: dennisg () sickly cybersafe com (Dennis Glatting)
Date: Tue, 18 Oct 94 10:15:46 -0700


  Well, guess I'll just pitch in my two cents. If you don't
allow users to set up their own .rhosts files, or you
disable them completely, then you lose what makes the
r commands so wanted by people... transparency. They
like them because they don't have to type a user name and
passwd to log into other machines. Now if this disappears
then rlogin is a beefed up telnet. Therefore you must a)
allow your users to use them and simply drop all incoming
packets to any ports where the r daemons hang at the
router, or b) don't allow them at all.



  In a university setting a) is probably fine while a
business would probably go with b).




I remember an article where Bill Joy said "the r utilities were just
a hack until the telnet and ftp protocols are formalized". The
article continued "they escaped from the lab."

As a system administrator I can tell you the r utilities are a major
source of security holes, particularly the .rhosts file. As a
developer, I can tell you the r utility source and cross-platform
issues suck.

If you got'm, don't smoke'm.


-dpg


