Xref: utzoo comp.unix.wizards:13180 comp.protocols.misc:409
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!phri!roy
From: roy@phri.UUCP (Roy Smith)
Newsgroups: comp.unix.wizards,comp.protocols.misc
Subject: Re: flaw in RLOGIN protocol?
Message-ID: <3625@phri.UUCP>
Date: 5 Dec 88 16:21:19 GMT
References: <858@amethyst.ma.arizona.edu>
Reply-To: roy@phri.UUCP (Roy Smith)
Organization: Public Health Research Inst. (NY, NY)
Lines: 29

rsm@amethyst.ma.arizona.edu (Robert Maier) writes:
> I recently dug into the BSD4.3 versions of rlogin.c and rlogind.c, and
> among other things figured out the (undocumented?) RLOGIN protocol.

How is rlogin broken? Let me count the ways. First off, there is no documentation of the protocol. Some camps claim that the Berkeley folks who wrote it intended it more as a quick hack and a demonstration of what you could do with the 4.2 networking code than as a real product and hence didn't document it; they felt that if they documented it, too many people would start to use it. Unfortunately, it's too late now.

Second, it depends on out-of-band signaling, which itself is completely broken in both 4.2 and 4.3 systems. Not only does it depend on OOB, but as Robert stated, it ALSO uses in-band non-escapable magic cookies to pass some information. The worst of both worlds.

Lastly, it's Unix-specific, depending on rexec (rsh) to work. I suspect it would be very hard to build a rlogin server on a non Unix system.

I have, over the years, made several serious attempts to build my own rlogin client. Every attempt has failed, mostly because OOB doesn't work properly. Or rather, the way it works is poorly documented and even after you figure out exactly what it is doing (i.e. marking BOTH sides of the urgent data mark) it is counter-intuitive and so difficult to program around that it is essentially unusable.
--
Roy Smith, System Administrator
Public Health Research Institute
{allegra,philabs,cmcl2,rutgers}!phri!roy -or- phri!roy@uunet.uu.net
"The connector is the network"
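
Added example, not part of the original post and not the BSD source: a small Python model of why an in-band, non-escapable magic cookie is fragile. It assumes the window-size message layout documented in RFC 1282 (0xFF 0xFF 's' 's' plus four 16-bit fields), which the post itself does not spell out; the function names and sample byte strings are constructed for illustration.

```python
import struct

# Window-size control message as laid out in RFC 1282 (assumption; the post
# does not give the layout): 0xFF 0xFF 's' 's', then rows, cols, xpixels,
# ypixels as 16-bit integers in network byte order.
MAGIC = b"\xff\xffss"
COOKIE_LEN = len(MAGIC) + 8


def window_cookie(rows, cols, xpix=0, ypix=0) -> bytes:
    """Build the control message a client sends after a terminal resize."""
    return MAGIC + struct.pack("!4H", rows, cols, xpix, ypix)


def split_client_stream(data: bytes):
    """Separate in-band window-size cookies from terminal data.

    Hypothetical helper modelling the job of a server-side filter.
    Returns (bytes passed to the pty, list of (rows, cols, xpix, ypix)).
    """
    to_pty = bytearray()
    resizes = []
    i = 0
    while i < len(data):
        j = data.find(MAGIC, i)
        if j < 0 or j + COOKIE_LEN > len(data):
            # No complete cookie left: treat the rest as terminal data.
            # (A real server would buffer a partial cookie across reads.)
            to_pty += data[i:]
            break
        to_pty += data[i:j]
        resizes.append(struct.unpack("!4H", data[j + 4:j + COOKIE_LEN]))
        i = j + COOKIE_LEN
    return bytes(to_pty), resizes


# Constructed sample 1: keystrokes with a genuine resize in the middle.
legit = b"ls -l\n" + window_cookie(24, 80) + b"pwd\n"

# Constructed sample 2: user data that happens to contain the magic bytes.
# With no escape mechanism the filter cannot tell it from a real cookie,
# so 12 bytes of user data vanish and a bogus resize is applied.
payload = b"\x01\x02" + b"\xff\xffss" + b"ABCDEFGH" + b"\x03\x04"

if __name__ == "__main__":
    print(split_client_stream(legit))
    print(split_client_stream(payload))
```

A protocol that reserves an escape for the marker byte lets the sender transmit the marker as literal data; here there is no way for the sender to do that.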