On Mon, 17 Oct 1994, Steve Davis wrote: > Various methods of making users' and administrators' lives a pain > deleted. > > Brett Lymn writes: > > > This should stop the user creating a .rhosts file as there is a > > directory there with that name. > > Seems to me that we would all be better served by running daemons that > don't trust the user to determine valid remote authentication. Why not > fix the r-daemons and login to ignore these files? This is certainly > possible if a) you have source, and b) you're a competant enough > programmer to #ifdef the necessary bits of code into oblivion. If you're going to do that, why not just remove the services? Take them out of etc/services and inetd.conf and your problems will all go away:) What's that you say? A user can put up the services on his own, just on ports > 1024? DRAT! There's always a catch. :) > > Unfortunatly, a) is rarely true. It'd be nice if vendors would ship > their products secure. > > -- > Steve Davis <strat@ksu.ksu.edu> > Kansas State University > ---------------------------------------------------------------------------- It's *amazing* what one can accomplish when one doesn't know what one can't do!