On Wed, 19 Oct 1994 smb@research.att.com wrote: > Well, some folks (like us) have put DNS routines into the shared libc, > so that everything not statically linked uses the DNS without needing > NIS. > > But that's not the real point. The real point of this discussion is > that Sun has chosen (rightly, in my opinion) to put the cross-check > into the libraries, rather than the applications. Thus, Sun's rshd > and rlogind *don't* do the check themselves. If you replace the resolver > routines with ones that don't do the cross-check, you've opened up a > great gaping security hole. On a pretty-close-to-related issue, why can't the r utitiles handle ip addresses? Seems to be a glaring omission. -- Charles Howes -- chowes@helix.net Always tell the truth, then you make it the other bloke's problem! - Sean Connery, 1971