[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

.rhosts, NFS, pam_rhosts_auth



Hello!

I encountered a mistake in pam_rhosts_auth.c. Due to this mistake it
isn't possible to rlogin or rsh to another machine using the .rhosts
file. This only happens if your home directory is mounted via NFS!

As you can see from the patch I appended, you have to set the real
UID back to -1 (root-squashing!) after reading .rhosts and _not_
before. If unsure, compare this with the source of rcmd.c in libc-5.4
which you can find in the inet directory.

Also it is strongly recommended that you install NetKit-0.09-1 (requires
ncurses-4.0-2). The old NetKit-B-0.08-14 has got a bug. It returns back
the wrong machine name (we are using NIS and amd) using rlogin or 
something similar.

Here is the patch:

--- pam_rhosts_auth.c	Tue Mar  4 16:08:52 1997
+++ pam_rhosts_auth.c.DIST	Sun Dec  1 04:09:48 1996
@@ -339,11 +339,10 @@
     uid = geteuid();
     (void)seteuid(pwd->pw_uid);
     hostf = fopen(pbuf, "r");
-	/* (void)seteuid(uid); */
+    (void)seteuid(uid);
 	
-    if (hostf == NULL) {
-    	(void)seteuid(uid);
-	return(1); }
+    if (hostf == NULL)
+	return(1);
 
     /*
      * If not a regular file, or is owned by someone other than
@@ -367,18 +366,12 @@
     if (cp) {
 	opts->last_error = cp;
 	fclose(hostf);
-
-	(void)seteuid(uid);
-
 	return(1);
     }
 
     answer = __ivaliduser (opts, hostf, raddr, luser, ruser);
     (void) fclose(hostf);
-
-	(void)seteuid(uid);
-
-	return (answer);
+    return (answer);
 }
 
 static int

Ciao ...
	... PIT ...

----------------------------------------------------------------------
 Peter Allgeyer     |  http://www.informatik.tu-muenchen.de/~allgeyer  
 Birkenstr. 10      |       _-_        Phone: 0 86 23 / 13 60
 84558 Kirchweidach |     0(o_o)0         linux inside ...
-----------------------oOO--(_)--OOo----------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []