Bugtraq mailing list archives

Re: Re: COPS reporting unrestricted NFS exports under Linux

From: era () ucar edu (Ed Arnold)
Date: Mon, 6 Mar 1995 13:40:58 -0700 (MST)


Peter Sivo said:

I honestly don't have a handy document, but I remember reading somewhere
that depending on how naive your system software is, if someone had
a '#' mark in the /etc/hosts.equiv or /.rhosts files, I could change
some records in my DNS maps and rename my machine like so:

     3.100.212.129.in-addr.arpa    IN    PTR       me.foo.com

TO

     3.100.212.129.in-addr.arpa    IN    PTR       #

(something like that)

so that now my machine is renamed '#'.  When your machine sees my machine
coming in, and looks it up in DNS, it sees that my machine is named '#'
and since that appears in the /etc/hosts.equiv or /.rhosts, it allows access.


It was my understanding that recent versions of BIND do not allow
characters like '#' in hostnames.  Is Linux delivered with an old
BIND that does?

Current thread:

Re: COPS reporting unrestricted NFS exports under Linux Karl Strickland (Mar 03)
- <Possible follow-ups>
- Re: COPS reporting unrestricted NFS exports under Linux Peter Sivo (Mar 05)
- Re: COPS reporting unrestricted NFS exports under Linux Patrick Horgan (Mar 05)
  - Comments in /.rhosts (was Re: COPS reporting unrestricted NFS exports Christopher Samuel (Mar 07)
- Re: Re: COPS reporting unrestricted NFS exports under Linux Ed Arnold (Mar 06)
  - Re: Re: COPS reporting unrestricted NFS exports under Linux Mike Shaver (Mar 06)
  - how not to ship an O/S - more on Irix 5.2 anthony baxter (Mar 06)
- Re: Re: COPS reporting unrestricted NFS exports under Linux der Mouse (Mar 06)