[2623] in linux-net channel archive
Re: WARNING: libc/ruserok security hole (fwd)
daemon@ATHENA.MIT.EDU (Alan Cox)
Mon Apr 22 05:58:27 1996
From: Alan Cox <alan@cymru.net>
To: j@pobox.com (Joel Maslak)
Date: Mon, 22 Apr 1996 09:47:18 +0100 (BST)
Cc: linux-net@vger.rutgers.edu
In-Reply-To: <Pine.LNX.3.93.960421211345.2186B-100000@blackhole.blackfire.com> from "Joel Maslak" at Apr 21, 96 09:15:48 pm
>
> One addition: Jeff Coy Jr. <jcoy@jcoy-ppp.cscwc.pima.edu> stated that it
> is IMPORTANT to make sure /etc/hosts.equiv DOES NOT CONTAIN ANY SITES,
> INCLUDING LOCALHOST if you choose to continue running libc 5.3.9.
And you feel safe a user won't create a .rhosts file. If you've got the
broken libc5.3.9, bin it now and run a working libc, someone will always
slip up otherwise.
Alan
