For mgetty users with non-trusted shell logins

l41484@alfa.ist.utl.pt (l41484@alfa.ist.utl.pt)
Wed, 27 Jan 1999 18:01:10 +0100

Messages sorted by:[ date ][ thread ][ subject ][ author ]

On Wed, 27 Jan 1999, Gert Doering wrote:

> > Do you know the details of the AIX/terminal server implementation ?
> > Isn't it just the ``rlogin trick'' also and thus not vulnerable ?
> 
> No, the /dev/tty<x> is *hardwired* via a special device driver to 
> "terminal server <a>, port <b>".  So you can use this for dialout, and
> there is a mgetty listening on this /dev/tty<x> device for answer ->
> I'm fairly sure it works.

What are the priveleges for the devices when NO connection is established?

--
Tiago Pascoal  (l41484@alfa.ist.utl.pt)               FAX : +351-1-7273394
Politicamente incorrecto, e membro (nao muito) proeminente da geracao rasca.