Unix Programming - Re: program calls rcmd() twice, _second_ call works for root but


Author Re: program calls rcmd() twice, _second_ call works for root but
David Mathog

2005-06-17, 5:53 pm

David Schwartz wrote:
> "David Mathog" <mathog@caltech.edu> wrote in message
> news:d8v116$b29$1@naig.caltech.edu...
>
> I believe those two lines are to drop permissions after the port is
> opened. You should *DEFINITELY* not remove security-sensitive code unless
> you are sure you understand what it is doing and can prove it isn't needed.


Good point. I put those back in and added instead an

seteuid(0);

at the bottom of the loop over hosts. That also cured the original
problem and should be about as secure as the original single target
rsh.

I'm still not clear what the setuid(uid) was doing since the uid value
was read from the original process via a getuid(uid), and uid didn't
change in between.

Thanks,

David Mathog
mathog@caltech.edu
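
The following is an added example, not code from the thread or from rsh: it models the POSIX saved set-user-ID rules (as implemented on Linux) to show how the real, effective and saved uids of a setuid-root program move through a loop like the one discussed, and when a `seteuid(0)` at the bottom of the loop can succeed. Assumptions: the two privilege-dropping lines are `seteuid(uid); setuid(uid);` in that order (the thread does not quote them), uid 1000 is a constructed value, and `model_*` and `run_loop` are hypothetical names that make no real system calls.

```c
/* Added example: model of POSIX saved set-user-ID rules (Linux behaviour).
 * No real system calls are made, so it runs unprivileged. */
#include <stdio.h>

struct ids { unsigned r, e, s; };   /* real, effective, saved uid */

/* seteuid(): euid 0 may pick any uid; others only real, effective or saved. */
static int model_seteuid(struct ids *p, unsigned uid) {
    if (p->e != 0 && uid != p->r && uid != p->e && uid != p->s) return -1;
    p->e = uid;
    return 0;
}

/* setuid(): with euid 0 it rewrites all three ids (irreversible);
 * otherwise it only changes the effective uid. */
static int model_setuid(struct ids *p, unsigned uid) {
    if (p->e == 0) { p->r = p->e = p->s = uid; return 0; }
    if (uid != p->r && uid != p->s) return -1;               /* EPERM */
    p->e = uid;
    return 0;
}

/* Stand-in for rcmd(): binding a reserved port needs euid 0. */
static int model_rcmd(const struct ids *p) { return p->e == 0 ? 0 : -1; }

/* Loop over `hosts` targets in a setuid-root binary started by user `uid`.
 * restore != 0 adds seteuid(0) at the bottom of the loop.
 * temp_first != 0 calls seteuid(uid) before setuid(uid) (assumed order).
 * Returns the number of successful model_rcmd() calls. */
int run_loop(unsigned uid, int hosts, int restore, int temp_first) {
    struct ids p = { uid, 0, 0 };   /* setuid-root: ruid=user, euid=suid=0 */
    int ok = 0;
    for (int i = 0; i < hosts; i++) {
        if (model_rcmd(&p) == 0) ok++;
        if (temp_first) model_seteuid(&p, uid);  /* temporary: suid stays 0 */
        model_setuid(&p, uid);      /* the drop after the port is opened */
        if (restore) model_seteuid(&p, 0);
    }
    return ok;
}

int main(void) {
    printf("user, no restore:             %d of 2\n", run_loop(1000, 2, 0, 1));
    printf("user, restore, seteuid first: %d of 2\n", run_loop(1000, 2, 1, 1));
    printf("user, restore, setuid only:   %d of 2\n", run_loop(1000, 2, 1, 0));
    printf("root, no restore:             %d of 2\n", run_loop(0, 2, 0, 1));
    return 0;
}
```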
Copyright 2003 - 2008 webservertalk.com