Re: Security Info (root broken) (fwd)

der Mouse (mouse@Collatz.McRCIM.McGill.EDU)
Fri, 30 Sep 1994 13:18:15 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: kingpin@gnu.ai.mit.edu: "Re: Security Info (root broken) (fwd)"
Previous message: H Morrow Long: "Re: Various resources"

>> I see allowing 'r' commands into your installation as a Bad Thing
> The "r" commands are the most heterogeneous way of providing 8-bit
> connectivity to a system.

Well, for rsh and rcp, I agree.  But rlogin's (ab)use of the urgent
pointer, via the kernel trying to pretend it's an out-of-band channel,
causes me no end of headaches.  (Most recently, rlogin from SunOS 4.1.x
to NetBSD doesn't propagate the window size, and presumably will get a
few other things wrong as well.)  I finally got sufficiently fed up
that I wrote an rlogin-like remote login protocol which uses two
connections, one for data and one for the sort of control information
rlogin uses MSG_OOB for...and I've never had any trouble with it.

I wish nobody had ever even thought of turning the urgent pointer into
an out-of-band channel!  It's hopelessly broken in theory and works in
practice only over fast links with small amounts of data sent over the
out-of-band channel, and even then only when both ends are using
compatible interpretations of where the out-of-band data lies relative
to the urgent pointer.

					der Mouse

			    mouse@collatz.mcrcim.mcgill.edu

Next message: kingpin@gnu.ai.mit.edu: "Re: Security Info (root broken) (fwd)"
Previous message: H Morrow Long: "Re: Various resources"