Path: utzoo!attcan!uunet!olivea!decwrl!sdd.hp.com!think.com!barmar
From: barmar@think.com (Barry Margolin)
Newsgroups: comp.unix.ultrix
Subject: Re: MacX and Ultrix 4.0
Message-ID: <1991Mar2.061326.28049@Think.COM>
Date: 2 Mar 91 06:13:26 GMT
References:
Sender: news@Think.COM
Organization: Thinking Machines Corporation, Cambridge MA, USA
Lines: 20

In article jtkohl@MIT.EDU (John T Kohl) writes:
>Flame the vendor of MacX for using rexecd. rexecd is an ancient daemon
>which asks for username and password in cleartext. Using it on an open
>network is not advisable.
>[rshd is slightly better, in that it doesn't let you type a password,
>but it does rely on IP addresses. They can be forged, but it takes more
>work than it does to steal a password.]

Rexec uses a cleartext password, so that's out. Rsh relies on knowing that
a particular host is reasonably secure, so that's out for personal computer
clients. What other widely-implemented remote execution protocol is there
that MacX should have used instead? MacX is supposed to be install-and-go,
so any solution that involves installing a Kerberized rshd is out.
--
Barry Margolin, Thinking Machines Corp.

barmar@think.com
{uunet,harvard}!think!barmar
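
Added example, not part of the original post: the cleartext exposure discussed in this thread is visible in the rexec request itself, which per BSD rexecd(8) is four NUL-terminated fields (stderr port, username, password, command). This Python parser flags such a request at the start of a reassembled TCP stream for detection purposes; the function names and the sample bytes are constructed for illustration.

```python
from typing import NamedTuple, Optional

REXEC_PORT = 512    # exec/tcp, the port rexecd listens on
MAX_CRED_LEN = 16   # username/password limit documented in BSD rexecd(8)

class RexecRequest(NamedTuple):
    stderr_port: int
    username: str
    password_len: int   # length only; the secret itself is not retained
    command: str

def parse_rexec_request(payload: bytes) -> Optional[RexecRequest]:
    """Parse the first client bytes of a stream; None if not an rexec request."""
    fields = payload.split(b"\0", 4)
    if len(fields) < 5:                       # four NUL terminators required
        return None
    port, user, password, command = fields[:4]
    if port and not port.isdigit():           # empty means "no stderr channel"
        return None
    stderr_port = int(port) if port else 0
    if stderr_port > 65535 or not 0 < len(user) <= MAX_CRED_LEN:
        return None
    if len(password) > MAX_CRED_LEN or not command:
        return None
    return RexecRequest(stderr_port, user.decode("ascii", "replace"),
                        len(password), command.decode("ascii", "replace"))

def audit_stream(dst_port: int, payload: bytes) -> Optional[str]:
    """Return a finding for a cleartext rexec login, without echoing the password."""
    if dst_port != REXEC_PORT:
        return None
    req = parse_rexec_request(payload)
    if req is None:
        return None
    return (f"rexec login in cleartext: user={req.username!r} "
            f"password_bytes={req.password_len} command={req.command!r}")

# Constructed sample: opening bytes a client would send to start an X program.
SAMPLE = b"0\0alice\0example-pw\0xterm -display 192.0.2.10:0\0"

if __name__ == "__main__":
    print(audit_stream(REXEC_PORT, SAMPLE))
```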