> Well guess i'll just pitch in my two cents in. If you dont > allow users to set up their own .rhosts files, or you > dissable them compleately. Then you loose what makes the > r commands so wanted by people.... transparency. They > like them because they dont have to type a user name and > passwd to log into other machines. Now if this dissapears > then rlogin is a beefed up telnet. Therefore you must a) > Allow you users to use them and simply drop all incoming > packets to any ports where the r deamons hang at the > router. or b) dont allow them at all. > > In a university setting a) is probably fine while a > bussiness would probably go with b). > I remember an article where Bill Joy said "the r utilities were just a hack until the telent and ftp protocols are formalized". The article continued "they escaped from the lab." As a system administrator I can tell you the r utilities are a major source of security holes, particularly the .rhosts file. As I developer, I can tell you the r utility source and cross platform issues suck. If you got'm, don't smoke'm. -dpg