[353] in linux-security and linux-alert archive
Re: elm and /tmp/mbox.*
daemon@ATHENA.MIT.EDU (Tomasz Surmacz)
Mon Sep 11 06:47:31 1995
From: Tomasz Surmacz <ts@papaja.wroc.apk.net>
To: linux-security@tarsier.cv.nrao.edu
Date: Sun, 10 Sep 1995 23:12:04 +0200 (MET DST)
In-Reply-To: <199509100745.DAA17106@tarsier.cv.nrao.edu> from "owner-linux-security-digest@tarsier.cv.nrao.edu" at Sep 10, 95 03:45:08 am
> From: Lutz Pressler <Lutz.Pressler@Unix.AMS.Med.Uni-Goettingen.DE>
> Date: Sat, 2 Sep 1995 01:20:03 +0200 (MET DST)
> Subject: Re: elm and /tmp/mbox.*
>
> I just wrote:
>
> >A quick kind of "fix" is to create for every user who has no .rhosts
> >file an empty one (or to disable r-commands altogether).
No. The .rhosts file is just *one* quick method of getting into user's
account. If he has .rhosts file already you can attack him using
thousands of other methods, provided you can create arbitrary files in
user's home directory (.cshrc, .profile, .login, .logout (how many of
you have a .logout file?)). Other choices are countless - it is
impossible to thing of just everything. The only way is to correct this
misbehaviour at the source - the elm program in this case.
Tomasz
--
_________
(_ _' __) Tomasz R. Surmacz * Work:(071)202489, tsurmacz@asic.ict.pwr.wroc.pl
| (__ \ http://www.ict.pwr.wroc.pl/~tsurmacz/ Home: ts@papaja.wroc.apk.net
|__(____/ For PGP key finger tsurmacz@asic.ict.pwr.wroc.pl *----* irc: TomekS
