[2064] in Kerberos-V5-bugs
Re: possible rsh/kshd problem?
daemon@ATHENA.MIT.EDU (Sam Hartman)
Tue Jul 2 20:10:22 1996
To: Mark Eichin <eichin@cygnus.com>
Cc: Dave McGuire <mcguire@rocinante.digex.net>, kerberos@MIT.EDU,
krb5-bugs@MIT.EDU, rdist-bugs@usc.edu
From: Sam Hartman <hartmans@MIT.EDU>
Date: 02 Jul 1996 19:57:16 -0400
In-Reply-To: Mark Eichin's message of Mon, 1 Jul 1996 22:47:49 -0400
>>>>> "Mark" == Mark Eichin <eichin@cygnus.com> writes:
Mark> (hmm. the original hasn't gone to the newsgroup yet...)
>> unmodified...I grab tickets with kinit, and tell rdist on the
>> command
Mark> There's a bug in rdist that keeps it from working with v5
Mark> rsh. Simply put: rdistd writes to stdin. (Yes, std*in*.)
Mark> This works with ucb rsh or v4 rsh because all they do is
Mark> dup() the network socket, which is bidirectional anyway, to
Mark> 0 and 1. v4-encrypting (at least the cygnus version, but any
Mark> other version would have to...) or v5-anymode, rsh both use
Mark> pipes, which are one-way, to talk to the subprocess, and
Mark> rdistd dies.
I don't believe that krb5 kshd should use pipes if it's not
encrypting. Let me check the code--that's certainly not what I
intended.
It looks like the krb5 kshd only uses pipes if it has to
encrypt or if a stderr connection is supplied. I guess this does end
up almost always using a pipe.
Is it worth our trouble to use socketpair() instead of pipes
on operating systems where that is available?
