Re: program calls rcmd() twice, _second

Web Server Talk > Unix and Linux reviews > Free Unix support > Unix Programming > Re: program calls rcmd() twice, _second_ call works for root but

Last Thread Next Thread Next

Re: program calls rcmd() twice, _second_ call works for root but

David Mathog

06-17-05 10:53 PM

David Schwartz wrote:
> "David Mathog" <mathog@caltech.edu> wrote in message
> news:d8v116$b29$1@naig.caltech.edu...
>
> 
>
>
>     I believe those two lines are to drop permissions after the port is
> opened. You should *DEIFNITELY* not remove security-sensitive code unless
> you are sure you understand what is doing and can prove it isn't needed.

Good point.  I put those back in and added instead an

seteuid(0);

at the bottom of the loop over hosts.  That also cured the original
problem and should be about as secure as the original single target
rsh.

I'm still not clear what the setuid(uid) was doing since the uid value
was read from the original process via a getuid(uid), and uid didn't
change in between.

Thanks,

David Mathog
mathog@caltech.edu

[ Post a follow-up to this message ]

Most Popular forums

Apache Server	MySQL for Windows	Sendmail
Red Hat Networking	SuSe Linux	Debian Linux
FreeBSD administration	Sun Solaris administration	Unix Shell programming
WebSphere Portal Server	Exchange 2000 administration	PostgreSQL administration
Linux Security	Computer Security	Firewalls

Forum Jump:

Forum Rules:

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF

Medical and Health forum | Computer Games Reviews | Graphics design forum

Web Hosting	Automated OffSite Backup
Shopping Cart Software	Data Recovery
tattoos	RAM Memory Upgrades
Data Recovery	Moving Companies

Syndicate this forum via XML or simple JavaScript feed

Home | Usercp | Faq | Register