From: wietse@wzv.win.tue.nl (Wietse Venema)
Newsgroups: comp.security.misc
Subject: Re: rlogind/rshd sans .rhosts code around?
Date: 9 Jun 1993 18:53:21 +0200
Organization: Eindhoven University of Technology, The Netherlands
Message-ID: <1v54i1$bar@wzv.win.tue.nl>
References: <1v2q0s$rf6@tramp.cc.utexas.edu> <1993Jun9.135017.23600@solaris.rz.tu-clausthal.de>

Jim McCoy (mccoy@ccwf.cc.utexas.edu) wrote:
> As the subject says, is there any rlogind/rshd code around that ignores
> .rhosts and always asks for a password?  Archie searches of rlogind turn up
> too many matches for regular rlogind so I was hoping someone might be able
> to point me towards a hacked version before I roll my own...

What about a binary patch on the executable (and/or library) that
overwrites the first 3 characters of ".rhosts" with "../"?  Still
allows root to set up her own /osts file, or whatever you like to
call it.

	Wietse