For people who don't know any better

2025-01-18 15:00:12 +00:00 · 2000-11-04 22:20:51 +00:00 · 2000-11-04 22:20:51 +00:00 · 6a0f3dc94a
commit 6a0f3dc94a
parent fb5bcd00fc
1 changed files with 22 additions and 0 deletions
--- a/src/README.SECURITY
+++ b/src/README.SECURITY
@ -0,0 +1,22 @@
+The inetd, rcp, rlogind and rsh directories contain AFS authentication (token)
+passing support for their respective utilities. We are not removing these 
+utilities as some sites may still be using them, but we *strongly discourage*
+their use. These utilities don't encrypt user traffic, and they also don't
+encrypt the AFS tokens. This means an attacker can capture the data and recover
+a valid authentication token, and use it to perform authenticated operations.
+
+Consider foregoing the rcmds altogether and using ssh. You can get Dug Song's
+ssh patch to support AFS here:
+http://www.monkey.org/~dugsong/ssh-afs/
+but you'll also need to install Kerberos 4 for libraries (which isn't a bad
+idea anyhow). The KTH implementation includes the AFS helper library libkafs,
+and so is desirable:
+ftp://ftp.pdc.kth.se/pub/krb/src/
+
+As a side effect, the insecure, but AFS aware ftpd included in AFS can be 
+replaced by the ftpd included in the above-mentioned Kerberos package, as it
+has RFC2228 security extensions. 
+
+In any case, carefully consider the security implications before deploying 
+these utilities.
+