I'm using a rsh in a construction of which I'm not sure wheather it
involves some security risks or not. The 'construction':
A cgi script on a Linux (web)server starts a sql script on an other
trusted host using rsh. The cgi user is 'nobody'.
The sql-script runs under a different user (on the other host).
In the .rhosts file I authorized nobody for rsh.
I was wondering if it might be easy for somebody to use nobody
to gane access to the database on the other host. The nobody
account is the Linux default, with an * in the encrypted password
field in the passwd file.
As you can see I'm not to familiar with this stuff.