Re: Fix for Linux/AIX login hole

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: George Boyce: "Re: Fix for Linux/AIX login hole"
• Previous message: Casper Dik: "Re: AIX rlogind"
• In reply to: H Morrow Long: "Re: Fix for Linux/AIX login hole"
• Next in thread: George Boyce: "Re: Fix for Linux/AIX login hole"

H Morrow Long says:
> Of course this is no substitute for the IBM emergency patch which should
> be installed as well.  I do recommend removing the ability to rlogin to
> a root account.  There is no valid reason for root to be able to rlogin
> (well there might be a few but they are not as powerful as the arguments
> against).  /bin/su is the preferred method of becoming root and you can
> still telnet in and login on the console as root (I would encourage you
> to turn off the ability to telnet in and login as root as well, but...).

And what happens one morning when NIS stops working, or NFS starts
hanging, and you cannot log in as any user BUT root? Yes, this
happens.

Of course, the real answer is to kerberize all access to your machine, but...

Perry

• Next message: George Boyce: "Re: Fix for Linux/AIX login hole"
• Previous message: Casper Dik: "Re: AIX rlogind"
• In reply to: H Morrow Long: "Re: Fix for Linux/AIX login hole"
• Next in thread: George Boyce: "Re: Fix for Linux/AIX login hole"