[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]

To: "Denis A. Doroshenko" <d.doroshenko@omnitel.net>
Subject: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Thu, 09 May 2002 05:00:14 -0600
Cc: tech@openbsd.org

> Chuck said "rsh is bad", it's his opinion. Obviously, this opinion
> matches those of many other folks. But why denying people to decide,
> what is bad and what isn't?

Honestly, the time for such an attitude is over.

Your insecurity is my insecurity.  When you make a poor security
decision, get your connection sniffed, or attacked in some other way,
then your machine becames an attack machine towards me.

The issue is not really about people who use them in "secure
environments".  It is about people who use them without education.
And education does not work.

So, increasingly, you will see us supply less of the insecure toolkits
which suffer from such problems.

It is time to throw aside those naive tools.

Use ssh.

Follow-Ups:
- Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
  - From: Martin Sandiford <ms@mcdev.com.au>
- Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
  - From: Raymond M Schneider <ray@securityfoo.net>
- Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
  - From: "Ron 'The InSaNe OnE' Rosson" <insane@oneinsane.net>

References:
- Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
  - From: "Denis A. Doroshenko" <d.doroshenko@omnitel.net>

Prev by Date: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
Next by Date: A good tool
Prev by thread: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
Next by thread: Re: rlogind and rexecd go away? [CVS: cvs.openbsd.org: src]
Index(es):
- Date
- Thread