Re: -froot??? (AIX rlogin bug)

Derik Jarne x353-2490 (Derik.Jarne@osi.com)
Mon, 1 Aug 94 10:24:47 PDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: irvdwijk@cs.vu.nl: "Re: -froot??? (AIX rlogin bug)"
Previous message: DFRussell: "Re: -froot??? (AIX rlogin bug)"
Maybe in reply to: Eric Wedaa: "-froot??? (AIX rlogin bug)"

The bug that is described here can easily be stopped by disabling login
for IBM machines. However, this makes telnet the only means to get into 
the desired machine.

I was looking at a sh script written by "dougmc@graphite.comco.com (Doug McLaren)"
it in essence grabs the offending parameters and logs the attempts with 
/usr/bin/logger. Nothing complex here but the process of inserting this script
into the loop of login process works but is complicated by the TSM
Terminal State Management.

I know this is not reporting a bug or describing a bug, but it falls into the
rhelm of how to fix a hole. I think TSM will do the security for us but I not sure 
how this TSM is setup and maintained, Does anyone have working knowledge of these 
process/processes? 

Thanks in advance

Derik.Jarne@osi.com

Next message: irvdwijk@cs.vu.nl: "Re: -froot??? (AIX rlogin bug)"
Previous message: DFRussell: "Re: -froot??? (AIX rlogin bug)"
Maybe in reply to: Eric Wedaa: "-froot??? (AIX rlogin bug)"