Re: serious telnet bug; is it just me?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: root: "Re: serious telnet bug; is it just me?"
• Previous message: David Kovar: "Can a PM2E selectively connect one port to another?"

> Umm, how about just not giving out the password to your Portmasters? I and
> 3 other people here have the !root password, and we all now know about
> this bug. Granted, that's not the solution to the real problem, but it
> should not be a risk at all if your password is secure.

But you don't need the password to bring a PM to its knees. If you
can get a login: prompt over telnet, you can crash the system. I
wouldn't mind so much if you actually had to be logged in as the
Mysterious Knotroot. Or logged in at all.

I'll talk to our Security guy about not giving out the root password,
though. It sounds like a pretty good idea. Do you have any pointers
to literature on this subject?

Many thanks,
-- Robert

• Next message: root: "Re: serious telnet bug; is it just me?"
• Previous message: David Kovar: "Can a PM2E selectively connect one port to another?"