rlogin URLs

[Jon Knight]

On Tue, 21 Nov 1995, Eric R. Holst wrote:
> In fact, .rhosts files should be owned by root w/ -r------- permissions.  If
> a system needs to have .rhosts files for rlogin access, empty .rhosts files
> could be installed in each users home directory.

Which doesn't help much as the user can just delete it still:

weeble# ls -la rhosttest
-r--------  1 root            1 Nov 22 13:53 rhosttest
webble# ^D
weeble: rm rhosttest
rm: override protection 400 for rhosttest? y
weeble: ls rhosttest  
rhosttest not found
weeble: 

Plus if you're running NFS over a cluster with root mapped to nobody 
(good for other security reasons), you'll need to give read access to 
more than just the owner of the .rhosts file if you want to be able to use 
the .rhosts file from a machine that mounts the user's $HOME over NFS.  
Not good.

Have rlogin understood by a browser is just asking for trouble in a 
public access area IMHO.

Jon

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jon Knight, Researcher, Sysop and General Dogsbody, Department of Computer
Studies, Loughborough University of Technology, Leics., ENGLAND.  LE11 3TU.
* I've found I now dream in Perl.  More worryingly, I enjoy those dreams. *