Bugtraq mailing list archives

Re: Re: COPS reporting unrestricted NFS exports under Linux

From: mshaver () schoolnet carleton ca (Mike Shaver)
Date: Tue, 7 Mar 1995 00:42:34 -0500 (EST)


Ed Arnold mumbled something vague about:

I honestly don't have a handy document, but I remember reading somewhere
that depending on how naive your system software is, if someone had
a '#' mark in the /etc/hosts.equiv or /.rhosts files, I could change
some records in my DNS maps and rename my machine like so:

     3.100.212.129.in-addr.arpa    IN    PTR       #


It was my understanding that recent versions of BIND do not allow
characters like '#' in hostnames.  Is Linux delivered with an old
BIND that does?


The issue isn't that the BIND will let him do that (a standard, new one
won't, but an old/hacked one would), but rather that Linux seems to
interpret the '#' as a hostname, and not a comment.

Mike

Current thread:

Re: COPS reporting unrestricted NFS exports under Linux Karl Strickland (Mar 03)
- <Possible follow-ups>
- Re: COPS reporting unrestricted NFS exports under Linux Peter Sivo (Mar 05)
- Re: COPS reporting unrestricted NFS exports under Linux Patrick Horgan (Mar 05)
  - Comments in /.rhosts (was Re: COPS reporting unrestricted NFS exports Christopher Samuel (Mar 07)
- Re: Re: COPS reporting unrestricted NFS exports under Linux Ed Arnold (Mar 06)
  - Re: Re: COPS reporting unrestricted NFS exports under Linux Mike Shaver (Mar 06)
  - how not to ship an O/S - more on Irix 5.2 anthony baxter (Mar 06)
- Re: Re: COPS reporting unrestricted NFS exports under Linux der Mouse (Mar 06)