[1671] in Kerberos
MIT login.c
daemon@ATHENA.MIT.EDU (Dec-Glenn NoI Machin)
Mon Dec 9 20:25:42 1991
Date: Mon, 9 Dec 91 17:48:35 MST
From: gmachin@somnet.sandia.gov (Dec-Glenn NoI Machin)
To: kerberos@Athena.MIT.EDU
What was the rationale for requiring kerberized remote login programs to
use a modified login program, rather than using the -r option available
on most systems? With each vendor adding its own bells and whistles to
login, the source for the login program is necessary so that
you can perform the required checks that each vendor sees as necessary. Since
rlogind (klogind) does authentication, the MIT login program is simply
doing authorization checks (kuserok, passwd entry, etc). If klogind did the
authorization checks, along with some possible local username and remote
username shortening, klogind could call login -r and pass down local username,
remote username, and terminal type. The problem as I see it is that the
.rhosts file is still necessary. However from a security point of view
if all services that use .rhosts require kerberos authentication then
the .rhosts simply becomes an inconvenience, not a security hole.
Are there any other network services other than rlogind, rshd that use
.rhosts for authorization?
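The authentication/authorization split the message argues about, as an added example that is not part of the original post or of the MIT Kerberos sources: a simplified Python model of the two authorization checks mentioned, a kuserok-style test against a per-user .k5login (if the file exists, the principal must be listed; otherwise only user@local-realm is accepted) and a ruserok-style .rhosts test. Both take the file contents as lists of lines so they run offline; the realm, hostnames and account names are constructed for the example, and the ownership/permission checks the real routines make on the files are not modelled here. The .rhosts check refuses "+" wildcard entries, which is this example's own policy choice, to show the point at which .rhosts stops being an inconvenience and becomes a hole.

```python
# Added example, not code from the original message or from MIT Kerberos.
# Models the authorization step that runs AFTER klogind has authenticated
# the remote principal: may that principal act as the requested local user?
from typing import Dict, List, Optional

DEFAULT_REALM = "EXAMPLE.COM"  # assumed local realm (constructed for the example)


def kuserok(principal: str, local_user: str,
            k5login_lines: Optional[List[str]],
            default_realm: str = DEFAULT_REALM) -> bool:
    """kuserok-style check.

    k5login_lines is the content of ~local_user/.k5login, or None if the
    file does not exist.  With a .k5login present, only listed principals
    are allowed; without one, only local_user@default_realm is allowed.
    """
    if k5login_lines is not None:
        allowed = {line.strip() for line in k5login_lines if line.strip()}
        return principal in allowed
    return principal == f"{local_user}@{default_realm}"


def rhosts_ok(remote_host: str, remote_user: str, local_user: str,
              rhosts_lines: List[str]) -> bool:
    """ruserok-style check over ~local_user/.rhosts lines.

    Each line is 'host [user]'; a missing user field means the remote user
    must have the same name as local_user.  Lines whose host or user is the
    '+' wildcard are refused (policy chosen for this example).
    """
    for raw in rhosts_lines:
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else local_user
        if host == "+" or user == "+":
            continue  # a wildcard entry would trust every host or every user
        if host.lower() == remote_host.lower() and user == remote_user:
            return True
    return False


def authorize_login(principal: str, local_user: str,
                    passwd: Dict[str, dict],
                    k5login_lines: Optional[List[str]]) -> bool:
    """What klogind (or the MIT login) still has to decide once the caller
    is authenticated: the local account must exist in passwd and kuserok
    must allow the principal to use it."""
    if local_user not in passwd:
        return False
    return kuserok(principal, local_user, k5login_lines)


if __name__ == "__main__":
    # Constructed sample data for a local run.
    passwd = {"alice": {"uid": 1001}, "bob": {"uid": 1002}}
    alice_k5login = ["alice@EXAMPLE.COM\n", "alice/admin@EXAMPLE.COM\n"]
    print(authorize_login("alice@EXAMPLE.COM", "alice", passwd, alice_k5login))
    print(authorize_login("bob@EXAMPLE.COM", "alice", passwd, alice_k5login))
    print(rhosts_ok("client.example.com", "bob", "alice",
                    ["client.example.com bob", "+ # never honoured"]))
```

Note that nothing here does authentication: the principal name is an input that klogind is assumed to have already verified with Kerberos. Without that step, an .rhosts line is trusting whatever name the remote end claims, which is the hole the message says Kerberos closes.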