[1606] in linux-security and linux-alert archive
[linux-security] Re: Re: Re: Security Concern..
daemon@ATHENA.MIT.EDU (David Holland)
Thu Sep 18 19:11:59 1997
From: David Holland <dholland@eecs.harvard.edu>
To: linux-security@redhat.com
Date: Thu, 18 Sep 1997 14:10:40 -0400 (EDT)
In-Reply-To: <199709162350.TAA18949@tenchi.myrus.com> from "Zygo Blaxell" at Sep 16, 97 07:50:36 pm
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
> >> >-rwsr-xr-x 1 root bin 13937 Dec 5 1995 /usr/bin/rcp
> >> and also this one
> >
> >losing rcp functionality.
>
> Nope. 'rcp' calls the privileged 'rsh' to perform the actual protocol.
> 'rcp' itself doesn't need privileges at all, and IIRC it tries to throw
> them away if it discovers that it has them.
I wish. It uses rcmd().
The long term solution to this problem is to change rcmd() to call
"/usr/bin/rsh" (which can easily be made a symlink to some more useful
equivalent like ssh) and compile the actual rcmd() functionality into
rsh itself. This is probably easier than modifying a bunch of silly
programs that like to use rcmd() [rexec() should probably be treated
similarly...] I'm willing to tackle this if the libc maintainers are.
Alternatively, I'd be more than happy to take patches to fix rcp to
call rsh.
--
- David A. Holland | VINO project home page:
dholland@eecs.harvard.edu | http://www.eecs.harvard.edu/vino