[1194] in bugtraq
Re: Re: COPS reporting unrestricted NFS exports under Linux
daemon@ATHENA.MIT.EDU (Mike Shaver)
Tue Mar 7 01:46:35 1995
From: mshaver@schoolnet.carleton.ca (Mike Shaver)
To: era@ucar.edu
Date: Tue, 7 Mar 1995 00:42:34 -0500 (EST)
Cc: bugtraq@fc.net
In-Reply-To: <199503062040.NAA11181@niwot.scd.ucar.EDU> from "Ed Arnold" at Mar 6, 95 01:40:58 pm
Ed Arnold mumbled something vague about:
>
> > I honestly don't have a handy document, but I remember reading somewhere
> > that depending on how naive your system software is, if someone had
> > a '#' mark in the /etc/hosts.equiv or /.rhosts files, I could change
> > some records in my DNS maps and rename my machine like so:
> >
> > 3.100.212.129.in-addr.arpa IN PTR #
>
> It was my understanding that recent versions of BIND do not allow
> characters like '#' in hostnames. Is Linux delivered with an old
> BIND that does?
The issue isn't that the BIND will let him do that (a standard, new one
won't, but an old/hacked one would), but rather that Linux seems to
interpret the '#' as a hostname, and not a comment.
Mike
