Path: utzoo!attcan!uunet!peregrine!elroy!jpl-devvax!lwall
From: lwall@jpl-devvax.JPL.NASA.GOV (Larry Wall)
Newsgroups: comp.bugs.4bsd
Subject: Re: Installing 4.3-Tahoe on a VAX
Message-ID: <2841@jpl-devvax.JPL.NASA.GOV>
Date: 13 Sep 88 00:51:45 GMT
References: <26049@ucbvax.BERKELEY.EDU> <5416@zodiac.UUCP>
Reply-To: lwall@jpl-devvax.JPL.NASA.GOV (Larry Wall)
Organization: Jet Propulsion Laboratory, Pasadena, CA.
Lines: 16

In article <5416@zodiac.UUCP> jordan@ads.com (Jordan Hayes) writes:
: Keith Bostic <bostic@BERKELEY.EDU> writes:
: 
: 	Since you can't log in as "bin" (it has no password) this
: 	shouldn't be an issue.
: 
: Yes, but root equivalence is governed by /.rhosts, but "bin" equiv.  is
: governed by /etc/hosts.equiv ... and we all know that "rsh csh -i" is
: as good as "rlogin" for most tasks ...

Not to mention NFS.  You let me mount a /usr filesystem read/write with
directories owned by "bin" and you've just destroyed any semblance of
security.  Not that NFS is all that secure to begin with...

Larry Wall
lwall@jpl-devvax.jpl.nasa.gov