G'day James, Forwarding a message from James Seng: > Anyway, what i did on my system is put a .rhosts file in every user > directory. chmod 000 .rhosts and chown root .rhosts. Not all user needs > .rhosts file. Those who wants to use them email me and i will chown back > to them. (any problem with that? :-) It's a good try, but insufficient to prevent users from opening a hole in their account. The user can 'rm -f' the file or rename it unless you also turn on the sticky bit in their directory. If you do that they can chmod the directory - which means you have to chown the directory to root. Now the user cannot write to the directory, so you have to put each user in a distinct group, and give write permission to the group on the directory. It sounds like a lot of hard work to me. Better to change the location of the .rhosts file to something which the user cannot edit, say /etc/rhosts/username and enforce all changes to be done by root. I can change the location of the .rhosts file in Linux by editing libc-linux/inet/rcmd.c, function ruserok() and linking that into the C shared library. It is good to have the source code :-) Nick. -- Kralizec Dialup Unix (Public Access) Data: +61-2-837-1183, 837-1868 Zeta Microcomputer Software v.42bis v.32bis 14.4k 24 hours P.O. Box 177, Riverstone NSW 2765 Telnet kralizec;login guest for info