Remove rsh/rlogin references from security man page
More extensive changes to this page are certainly needed, but at least remove references to binaries that no longer exist. MFC after: 1 week Sponsored by: The FreeBSD Foundation
This commit is contained in:
parent
b04f3ea51a
commit
2d63b47503
@ -28,7 +28,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd July 27, 2019
|
||||
.Dd August 13, 2019
|
||||
.Dt SECURITY 7
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -99,9 +99,7 @@ pipe.
|
||||
A user account compromise is even more common than a DoS attack.
|
||||
Many
|
||||
sysadmins still run standard
|
||||
.Xr telnetd 8 ,
|
||||
.Xr rlogind 8 ,
|
||||
.Xr rshd 8 ,
|
||||
.Xr telnetd 8
|
||||
and
|
||||
.Xr ftpd 8
|
||||
servers on their machines.
|
||||
@ -186,8 +184,6 @@ in the
|
||||
file
|
||||
so that direct root logins via
|
||||
.Xr telnet 1
|
||||
or
|
||||
.Xr rlogin 1
|
||||
are disallowed.
|
||||
If using
|
||||
other login services such as
|
||||
@ -342,10 +338,7 @@ virtually every server ever run as root, including basic system servers.
|
||||
If you are running a machine through which people only log in via
|
||||
.Xr sshd 8
|
||||
and never log in via
|
||||
.Xr telnetd 8 ,
|
||||
.Xr rshd 8 ,
|
||||
or
|
||||
.Xr rlogind 8 ,
|
||||
.Xr telnetd 8
|
||||
then turn off those services!
|
||||
.Pp
|
||||
.Fx
|
||||
@ -378,7 +371,7 @@ occur through them.
|
||||
The other big potential root hole in a system are the SUID-root and SGID
|
||||
binaries installed on the system.
|
||||
Most of these binaries, such as
|
||||
.Xr rlogin 1 ,
|
||||
.Xr su 1 ,
|
||||
reside in
|
||||
.Pa /bin , /sbin , /usr/bin ,
|
||||
or
|
||||
@ -905,8 +898,6 @@ if you intend to use them.
|
||||
Kerberos5 is an excellent authentication
|
||||
protocol but the kerberized
|
||||
.Xr telnet 1
|
||||
and
|
||||
.Xr rlogin 1
|
||||
suck rocks.
|
||||
There are bugs that make them unsuitable for dealing with binary streams.
|
||||
Also, by default
|
||||
|
Loading…
Reference in New Issue
Block a user