> When /dev/ttyp? is not secure in /etc/ttys, I noticed that a .rhosts
> for root refuses rlogin to the system, but allowes `rsh <command>`
> with full su rights.

> That makes no sense.  Should it be changed to refuse rsh as well when
> ttyp* is not secure?

Which pseudo-tty do you propose to key off of?  Basically, I suppose
I'm asking, what if some ptys are secure and others aren't?

Also, how do you intend to identify pseudo-tty entries in /etc/ttys?
Just assume some conventional naming scheme?

IMO the bug is that rlogin is refused, not that rsh is allowed.  The
.rhosts should, I think, override.

					der Mouse

			    mouse@collatz.mcrcim.mcgill.edu