[2167] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: rlogin bugs

daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Mon Aug 19 23:54:27 1996

Date: Mon, 19 Aug 1996 23:54:23 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: "Barry Jaspan" <bjaspan@MIT.EDU>
Cc: Sam Hartman <hartmans@MIT.EDU>, krb5-bugs@MIT.EDU
In-Reply-To: "[2162] in Kerberos-V5-bugs"

I disagree as well; rlogin fallback is extremely useful, and in general
you don't lose much security.  The only time you lose is if (a) you have
an active attacker impersonating the target host, and (b) you care about
mutual authentication and don't want the attacker to see what you are
typing to the target host, and (c) you really wanted to encrypt, and (d)
you miss the "fallback" warning message.

System administrators who are paranoid enough to consider this a concern
can simply just "rm rlogin.ucb".  

							- Ted


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2167] in Kerberos-V5-bugs

Re: rlogin bugs

daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)Mon Aug 19 23:54:27 1996

daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Mon Aug 19 23:54:27 1996