|
|
S-073: Vulnerability in SMBv2
|
|
netrc(4) Kernel Interfaces Manual netrc(4) NAME
netrc: .netrc - login information for ftp, rexec, and rexec() DESCRIPTION
The file contains login and initialization information used by the autologin process, by the library routine, and by the command (see ftp(1), rexec(3N), and remsh(1)), respectively. This file is optional. It exists, if at all, in the user's home directory. If the file contains password or account information for use other than for anonymous its owner must match the effective user ID of the current process. Its read, write, and execute mode bits for group and other must all be zero, and it must be readable by its owner. Oth- erwise, the file is ignored. The file can contain the following tokens, separated by whitespace (spaces, tabs, or newlines) or commas To include a comma as part of a token, enclose that token in quotation marks (). Identify a remote machine name. The autologin process searches the file for a token that matches the remote machine specified on the command line, as an command argument, or as the parameter of Once a match is made, the subsequent tokens are processed, stopping when the end-of-file is reached or another token or a token is encountered. If the remote machine name has an alias host name, and both the official host name and the alias are present in the file, the client gives precedence to the official host name over the alias when searching the file. If an alias is given as an entry to the command, and in the search from the top of the file to the bottom, the client finds the alias host name before it finds the official host name, it will use the alias's entry. However, if it finds the official host name first, it will use the official entry even though the alias host name also exists in the file. So the high precedence given to the official host name requires placing the official host name entry last in the file for when aliases exist. Same as except that matches any name. There can be only one token, and it must be after all tokens. This is normally used for as follows: This provides automatic anonymous login to machines not specified in This can be overridden in by using the flag to disable autologin. Identify a user on the remote machine. If this token is present, the or autologin process initiates a login using the specified name. If this token matches the user name used by the command option, or, by default, the local user name, uses the token, if present. Supply a password. If this token is present, the autologin process supplies the specified string, if the remote server requires a password as part of the login process. Note that if this token is present in the file for any user other than aborts the autologin process if the is readable by anyone other than the owner. Also note that the passwords in are not encrypted. Supply an additional account password for login. If this token is present, the autologin process supplies the specified string if the remote server requires an additional account password, or the autologin process initiates an command if it does not. Define an macro. This token is just like the command. A macro is defined with the specified name; its contents begin with the next line and continue until an empty line (consecutive newline characters) is encountered. If a macro named is defined, it is automatically executed as the last step in the autologin process. EXAMPLES
The following is a valid entry for the host whose account has the password WARNINGS
It is a security risk to have unencrypted passwords in a file. AUTHOR
was developed by the University of California, Berkeley. FILES
SEE ALSO
ftp(1), remsh(1), rexec(3N). netrc(4)
