Can someone explain exactly what threat is posed by using r commands across a network by the root user?
I have read and been told that using r commands across a network is dangerous. I understand that it gives users access to specific commands on specific hosts without being prompted for a password. I understand that if a hacker gets root access on one of my machines(within the confines of my network), he/she can then trash about everything I have via these commands.
What I don't understand is that here at work, we use r commands. I have poured over a lot of our backup scripts that have root creating compressed backups and then a user named "backup" pushing these files(via rcp) to a server designated to store backups.
Why would one do this? Why am I to be worried about having root execute an r command as opposed to a regular user?
Thanks in advance...