home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky comp.sys.sun.admin:6057 comp.unix.admin:4840
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!usc!cs.utexas.edu!chinacat!rpp386!jfh
- From: jfh@rpp386.lonestar.org (John F. Haugh II)
- Newsgroups: comp.sys.sun.admin,comp.unix.admin
- Subject: Re: NIS, slave servers and DNS access
- Message-ID: <21452@rpp386.lonestar.org>
- Date: 2 Sep 92 13:27:16 GMT
- References: <92241.144541QQ11@LIVERPOOL.AC.UK> <1992Aug28.163833.28635@fwi.uva.nl> <1992Sep1.001928.17876@zia.aoc.nrao.edu>
- Reply-To: jfh@rpp386.cactus.org (John F. Haugh II)
- Organization: River Parishes Programming, Austin, Republic of Texas
- Lines: 20
-
- In article <1992Sep1.001928.17876@zia.aoc.nrao.edu> rmilner@zia.aoc.nrao.edu (Ruth Milner) writes:
- >Disabling an account by putting some string, such as an asterisk, in the
- >password field *does not work* if the user is coming in with rsh or rlogin
- >from a trusted host (i.e. one listed in /etc/hosts or the user's .rhosts).
- >In this case, the password field is simply not looked at, period. If the
- >user can get onto some other system, say, their private workstation, they
- >can log onto any other system so long as their account name exists and their
- >hostname is in /etc/hosts.equiv (or in their own .rhosts file - which may be
- >provided to them by the server).
-
- Since SVR4 defines the "!" characters as the "account locked" character,
- one would hope that this statement isn't true for SVR4.
-
- BSD systems do not provide an "account locking" mechanism, so it is quite
- likely that no one ever thought to see if the account was "locked".
- --
- John F. Haugh II | "The US Government has the Midas Muffler
- Ma Bell: (512) 251-2151 | touch: everything they touch turns to
- UUCP: ...!cs.utexas.edu!rpp386!jfh | shit."
- Domain: jfh@rpp386.cactus.org | -- Jay Maynard
-
