[356] in linux-security and linux-alert archive
Re: elm and /tmp/mbox.*
daemon@ATHENA.MIT.EDU (Panzer Boy)
Mon Sep 11 20:46:19 1995
To: linux-security@tarsier.cv.nrao.edu
From: panzer@dhp.com (Panzer Boy)
Date: 11 Sep 1995 12:13:43 -0400
Tomasz Surmacz (ts@papaja.wroc.apk.net) wrote:
: > From: Lutz Pressler <Lutz.Pressler@Unix.AMS.Med.Uni-Goettingen.DE>
: > Date: Sat, 2 Sep 1995 01:20:03 +0200 (MET DST)
: > Subject: Re: elm and /tmp/mbox.*
: >
: > I just wrote:
: >
: > >A quick kind of "fix" is to create for every user who has no .rhosts
: > >file an empty one (or to disable r-commands altogether).
As I just posted this on the big-linux list, though it is something
important to remember.
-------------------------------------------------------------------------
As for the renaming of files, I guess you can learn strange things
anyday. This should be noted somewhere so that people who are creating
root owned ".rhosts" files in peoples directories to prevent them from
using them, or similar ideas, knows about it.
dhp:~panzer# id
uid=0(root) gid=0(root)
dhp:~panzer# touch file
> id
uid=405(panzer) gid=100(users)
> ls -l file
-rw-r--r-- 1 root root 0 Sep 9 13:49 file
> mv file file2
> ls -l file file2
ls: file: No such file or directory
-rw-r--r-- 1 root root 0 Sep 9 13:49 file2
-------------------------------------------------------------------------
--
-Matt (panzer@dhp.com) DI-1-9026
"That which can never be enforced should not be prohibited."
