[1593] in Kerberos_V5_Development
appl/bsd will lose rhosts authentication
daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Aug 15 22:45:47 1996
Date: Thu, 15 Aug 1996 22:45:36 -0400
From: Sam Hartman <hartmans@MIT.EDU>
To: krbdev@MIT.EDU
I noticed a patch to fix the setreuid handling in
appl/bsd/kcmd.c. Surprised, I wondered why appl/bsd/kcmd.c needed to
be dealing with uids in the first place.
Apparently, we provide a ruserok replacement that attempts to
deal with mode 600 .rhosts on NFS filesystems. I'm unconvinced that
rhosts authentication is worth this complexity, especially if it's
broken enough for people to be reporting bugs in it.
I see no need to post to the newsgroup about this because I've
already announced an intention to remove this functionality back in
the options discussion of January. At that time, I indicated I didn't
want to go back over the code and remove it, but next time I needed to
deal with that code it would be removed.
I don't know when I'll get around to doing this--possibly this
weekend, possibly a bit later. Anyway, I'll test kshd and klogind and
make sure that nothing breaks, and may just wait until after the next
release to check this in.
--Sam
