This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: login: no shell: /bin/bash: Permission denied


> Regardless, to me it's still would be a large security hole if all one 
> needs to do is:
> 
> $ echo "+" > ~/.rhosts
> 
> to be able to abuse rsh to do something under somebody else's user ID is 
> it not?


rsh is inherently insecure. Attempts to make it secure are not 
worthwhile (in fact, they tend to break rsh). Especially in the land of 
NT insecurity, trying to make rsh secure simply makes it unusable.

HTH,
Peter


> 
> 
> 
> -- 
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]