[1705] in Kerberos
Re: Do the r-commands need to be setuid?
daemon@ATHENA.MIT.EDU (John T Kohl)
Thu Jan 9 18:17:30 1992
Date: Thu, 9 Jan 92 14:43:20 PST
To: Steve Lunt <lunt@ctt.bellcore.com>
Cc: kerberos@Athena.MIT.EDU
In-Reply-To: [1703]
From: John T Kohl <jtkohl@cs.berkeley.edu>
Reply-To: jtkohl@cs.berkeley.edu
> [1703] daemon@ATHENA.MIT.EDU (Steve Lunt) Kerberos 01/09/92 14:18 (13 lines)
> Date: Thu, 9 Jan 92 16:37:09 EST
> From: Steve Lunt <lunt@ctt.bellcore.com>
> I inadvertantly installed the Kerberos rlogin, rsh, and rcp
> commands without the setuid bit on, but they seem to work just fine.
> Is there a need for them to be setuid?
Not really. Ancient kshd/klogind's would have insisted on the origin
port being a reserved port, but anything outside MIT needn't worry about
that (I believe if you inspect the code, the client side will bind to a
UNIX "reserved port" if you compile -DATHENA or -DATHENA_COMPAT)
John
