Bugtraq mailing list archives
Re: login -h
From: rhaas () cygnus arc nasa gov (Robert M. Haas)
Date: Thu, 08 Dec 1994 09:20:04 -0800
I don't think anyone should rely on wtmp for any kind of security. Whatof rsh? Its easy enough to do a rsh <host> xterm -ut -display <foo> and avoid wtmp detection. The -ut flag tells xterm to not make a entry in utmp and it never considers making a wtmp entry. I suppose because it never has permissions to. The rsh server would have to make the wtmp entry. Which is odd it doesn't because it does if envoke a shell with it. Hmmmm...
rsh does not make a wtmp entry; rlogin does. rsh is a flat link; i.e. you can't do IOCTL's on the client end and have them propagated across the link or whatever, it's just a socket connection. rlogin on the other hand emulates things like IOCTLs and so forth; since you are really "logging in" to the machine and not just executing a single command, it makes a wtmp entry. If given a hostname to connect to, but no specific command to execute, rsh invokes rlogin. Thus a wtmp entry is created. ...Robert
Current thread:
- login -h Bonfield James (Dec 07)
- Re: login -h Alexander Haiut (Dec 08)
- <Possible follow-ups>
- Re: login -h Pete Hartman (Dec 07)
- Re: login -h Casper Dik (Dec 07)
- Re: login -h Ed Arnold (Dec 07)
- Re: login -h Bogdan Pelc (Dec 08)
- Re: login -h Adam Shostack (Dec 08)
- Re: login -h Bogdan Pelc (Dec 08)
- Re: login -h Michael Bresnahan (Dec 07)
- Re: login -h Robert M. Haas (Dec 08)
- Re: login -h H Morrow Long (Dec 08)
- Re: login -h der Mouse (Dec 08)