Path: utzoo!mnetor!uunet!husc6!spdcc!kaos!romkey
From: romkey@kaos.UUCP (John Romkey)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: rsh equivalent
Message-ID: <722@kaos.UUCP>
Date: 15 Mar 88 07:11:55 GMT
References: <23511@hi.unm.edu> <102@icarus.kulcs.uucp> <3647@bloom-beacon.MIT.EDU> <1188@kulcs.kulcs.uucp>
Reply-To: romkey@kaos.UUCP (John Romkey)
Organization: Chaos; Somerville, MA
Lines: 32
Keywords: rsh trusted ports

In article <1188@kulcs.kulcs.uucp> dannyb@kulcs.UUCP (Danny Backx) writes:
>I know the original system from Sun is far from secure.
>You can make it MUCH better, though.
>
>You can always check :
>	1) does the client have a port nr. < 1023
>		If not, throw this request away

"Trusted ports" (when port numbers less than 1024 can only be used by
a trusted user) exist only in the world of the Berkeley UNIX TCP.
Virtually no TCP/IP implementations that are not derived from BSD
UNIX have the concept of "trusted ports"; they will allow any user
program to open a connection on any port that isn't already in use.

Some of the non-BSD TCP's also support rsh; I know of at least one.
Rsh is a simple enough protocol that you can bring it up pretty
easily on non-UNIX systems. It's useful enough that it's desireable
to do so.

Trusted ports are a phenomenally bad idea in a heterogeneous
environment where you really want security. Even in a homogenous
environment of all BSD systems, if some are being used as personal
workstations chances are that their users can easily boot them in
single user mode and run programs as root.

They shouldn't be depended upon to do anything other than provide
security holes.
-- 
			- john romkey
		...harvard!spdcc!kaos!romkey
		       romkey@kaos.uucp
		    romkey@xx.lcs.mit.edu