Re: R command questions
From: Sherman H. (shung1099_at_earthlink.net)
Date: Thu, 23 Oct 2003 21:22:23 GMT
Thanks for all the posts. I would like to know with the parameters, what
would be the real security exposures. Thanks.
"Sherman H." <email@example.com> wrote in message
> I am working on a security exposure case and couldn't determine if there
> a problem. Here is what I found:
> 1. The r commands were used in the environment. In the /etc/inetd.conf
> file, shell, login and execute were not removed.
> 2. The hosts.equiv file contained many shared and obsolete account IDs.
> 3. However, the access permission for hosts.equiv file was considered
> The permission is -rw-r--r-- 1 root system.
> Is there a security exposure based on the above three parameters?