[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] How can I rcp from a cron?

Subject: Re: [cobalt-developers] How can I rcp from a cron?
From: "Robert G. Fisher" <rfisher@xxxxxxxxxxxxxxx>
Date: Wed Jul 5 05:32:55 2000

On Wed, Jul 05, 2000 at 04:18:00AM -0700, sara starre wrote:
> I'm not sure what scp is:

scp is a part of the ssh or OpenSSH packages.  Tack on some
crypto to the concept of rcp and you get the idea.

> Why is using rcp from root courageous? What are the risks- I'm not 
> transmitting any passwords.

Because it's an old avenue for potential attacks.  Say I'm HackerA
and I want to get into your system -- if I discover you are allowing
root access via .rhosts, what happens if I spoof a valid host's IP
from my machine and run oooo say 

	[root@myhost /root]# rcp /etc/mypasswords yourhoust:/etc/passwd

		or

	[root@myhost /root]# rsh yourhost '/bin/bash -i'

Granted the latter doesn't work so well from a spoofed IP, but the
first one is a way that someone could compromise your password files
and thus gain access -- since the same mechanism can just as easily
work for /etc/securetty and /etc/pam.conf and /etc/pam.d/* to let
them in.

-- 
Robert G. Fisher		     NEOCOM Microspecialists Inc. 
System Administrator/Programmer      (540) 666-9533 x 116

Follow-Ups:
- [cobalt-developers] php failed dependencies for a RAQ3
  - From: Ivanov K. Persad

References:
- Re: [cobalt-developers] How can I rcp from a cron?
  - From: sara starre

Prev by Date: Re: [cobalt-developers] Cobalt Security Issues
Next by Date: [cobalt-developers] php failed dependencies for a RAQ3
Previous by thread: Re: [cobalt-developers] How can I rcp from a cron?
Next by thread: [cobalt-developers] php failed dependencies for a RAQ3

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index