hosts.equiv considered harmful (was Re: bin owning files)

Brandon S. Allbery allbery at ncoast.UUCP
Sat Nov 26 07:24:42 AEST 1988


As quoted from <185 at bnr-fos.UUCP> by hwt at bnr-public.uucp (Henry Troup):
+---------------
| I just checked my SunOS 4.0 *distribution tape* hosts.equiv.  The 
| file consists of "+\n".  A quick RofTFM shows that this means 
| ***trust everyone***  Surprise!
|  
| So- In light of the worm, and this, we should realize that out-of-the-
| box systems are not well secured.
+---------------

D*mned right they're not.  See <13139 at ncoast.UUCP> in news.sysadmin for the
reason.

The moral of that story is that the people who buy computers, and the people
who run them, need to become aware that security isn't only for the Pentagon.

++Brandon
-- 
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery  <PREFERRED!>	    ncoast!allbery at hal.cwru.edu
allberyb at skybridge.sdi.cwru.edu	      <ALSO>		   allbery at uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
      Send comp.sources.misc submissions to comp-sources-misc@<backbone>.
-- 
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery  <PREFERRED!>	    ncoast!allbery at hal.cwru.edu
allberyb at skybridge.sdi.cwru.edu	      <ALSO>		   allbery at uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
      Send comp.sources.misc submissions to comp-sources-misc@<backbone>.



More information about the Comp.unix.wizards mailing list