Re: why does telnetd run as root?
From: Joerg Wunsch (j@ida.interface-business.de)
Date: 08/31/01
- Next message: Garance A Drosihn: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- Previous message: Glen Hollings: "Broken SU"
- In reply to: Garrett Wollman: "why does telnetd run as root?"
- Next in thread: Garrett Wollman: "Re: why does telnetd run as root?"
- Reply: Garrett Wollman: "Re: why does telnetd run as root?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 31 Aug 2001 13:37:49 +0200 From: Joerg Wunsch <j@ida.interface-business.de> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
As Garrett Wollman wrote:
> <<On Thu, 30 Aug 2001 20:11:02 +0200, Joerg Wunsch <j@ida.interface-business.de> said:
>
> > But then, it's IMHO much safer to run telnetd as user
> > `daemon', and have login(1) allow user daemon to pass -h.
>
> Only works for cleartext password authentication.
Not really, but you're right, it doesn't work for SRA telnet. It
works for anything that can be handled by /usr/bin/login, i just
tried OPIE which does well.
Still, allowing this as an option seems useful to me. (If i want
encryption, i'll use ssh anyway. Telnet is only a fallback if no
encryption is available for whatever reason. It is very unlikely i'll
find a client that could do SRA telnet but could not do ssh.)
-- J"org Wunsch Unix support engineer joerg_wunsch@interface-systems.de http://www.interface-systems.de/~j/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Garance A Drosihn: "Re: FreeBSD Security Advisory FreeBSD-SA-01:58.lpd"
- Previous message: Glen Hollings: "Broken SU"
- In reply to: Garrett Wollman: "why does telnetd run as root?"
- Next in thread: Garrett Wollman: "Re: why does telnetd run as root?"
- Reply: Garrett Wollman: "Re: why does telnetd run as root?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
