topic Re: .netrc file in Operating System - HP-UX

.netrc file

Vishwa — Mon, 04 Feb 2002 21:39:07 GMT

As you all know .netrc enables autologin for the ftp command. I would like to know the HP Policy about having a .netrc on the local intranet HP-UX machines.

It will be of great help if anyone can lead me to the HP Policy site about the unix machines. For example having .rhosts or .netrc etc.

Re: .netrc file

Christopher McCray_1 — Mon, 04 Feb 2002 21:46:05 GMT

Just as a quick starter, HP does state it's concerns about .netrc files at the bottom of the man page of .netrc

More to come...
Chris

Re: .netrc file

Mark Greene_1 — Mon, 04 Feb 2002 22:06:48 GMT

try here:

http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B2355-90742/B2355-90742_top.html&con=/hpux/onlinedocs/B2355-90742/00/00/60-con.html&toc=/hpux/onlinedocs/B2355-90742/00/00/60-toc.html&searchterms=policy%7csecurity&queryid=20020204-141107

watch the sever line wrap, you may have to cut and paste it.

HTH
mark

Re: .netrc file

Bill Hassell — Tue, 05 Feb 2002 04:13:49 GMT

Other than the warnings in the man pages, there is no special policy...that is something that your security specialist must decide. .netrc and .rhosts as well as /etc/hosts.equiv and even NFS represent very useful ways to share data among many machines. However, the very features that make it useful are the ones that make it vulenerable to attack.

It is imperative that permissions on files such as .rhosts and .netrc NEVER have anything except 600. But these files are only a couple of the dozens of checks you need to make in case this must be a secure system. Start with a good book on HP-UX security:

http://www.hp.com/hpbooks/prentice/ptr_0130330620.html