Xref: utzoo comp.bugs.4bsd:1085 comp.unix.wizards:12527
Path: utzoo!attcan!uunet!rosevax!news
From: news@rosevax.Rosemount.COM (News administrator)
Newsgroups: comp.bugs.4bsd,comp.unix.wizards
Subject: Re: bin owning files
Keywords: bin, root, /etc/hosts.equiv
Message-ID: <6710@rosevax.Rosemount.COM>
Date: 17 Nov 88 22:33:08 GMT
References: <566@comdesign.CDI.COM>
Reply-To: dan@ernie.Rosemount.COM (Dan Messinger)
Organization: Rosemount Inc., Burnsville, MN
Lines: 13

In article <566@comdesign.CDI.COM> pst@comdesign.cdi.com (Paul Traina) writes:
>	I'd like bin to own system executables,  but I'm worried about
>	the fact that /bin is covered by /etc/hosts.equiv, so if a user
>	su'ed to bin on one machine, he could rlogin/rsh to another machine
>	and change anything owned by bin. 

I haven't tried this, but the manual says that the user's .rhosts file is
read BEFORE rhosts.equiv.  So you should be able to put a .rhosts in
bin's home directory, and configure it to deny rlogin/rsh to all hosts.
This should override the general permissions in hosts.equiv.

Dan Messinger
dan@ernie.rosemount.com