On Fri, 12 May 2000, Nick Sayer wrote:
> I would like to gather some opinions in regards to _very slightly_
> backing off
> on rexec's security.
>
> rexec makes the following checks, and refuses to allow usage if any are
> true:
>
> uid == 0
I turned off this check at sarnoff six years ago. rexec allows you to
quickly run lots of commands across a cluster, given the right tool (see
http:/www.acl.lanl.gov/~rminnich and look at vex). Using rexec I could run
commands across a 128-node cluster in less than a second. Nothing I have
ever seen is nearly as fast.
A secure low-overhead remote exec is the right thing; rexec with uid == 0
disabled is the next-best thing.
ron
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
