Debian Bug report logs - #44854
pidentd: returns wrong user-id, and hangs/crashes

Package: rsh-client; Maintainer for rsh-client is Debian QA Group <packages@qa.debian.org>; Source for rsh-client is src:netkit-rsh.

Reported by: Miquel van Smoorenburg <miquels@cistron.nl>

Date: Sat, 11 Sep 1999 10:33:00 UTC

Severity: normal

Done: Herbert Xu <herbert@gondor.apana.org.au>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org:
Bug#44854; Package pidentd.


Acknowledgement sent to Miquel van Smoorenburg <miquels@cistron.nl>:
New bug report received and forwarded.


Message #5 received at submit@bugs.debian.org:

From: Miquel van Smoorenburg <miquels@cistron.nl>
To: submit@bugs.debian.org
Subject: pidentd: returns wrong user-id, and hangs/crashes
Date: Sat, 11 Sep 1999 12:23:52 +0200

Package: pidentd
Version: 3.0.4-1
Severity: grave

Pidentd returns "root" as the userid when checking an rlogin session.
Example:

% whoami
miquels
% rlogin defiant
You are NOT allowed to rlogin to this machine!

On defiant:
Sep 11 12:07:06 defiant in.rlogind[1428]: refused connect from root@picard.cistron.nl

An strace on rlogind on the host "defiant" reveals that identd actually
returns "root" as the userid of the TCP socket. Of course this is very
wrong. Perhaps identd is returning the effective user-id instead
of the real user-id.

Another thing is that after a couple of connects there are a lot of
instances of identd and they seem to hang. In fact, as I am typing this
identd doesn't work anymore at all:

# ps ax| grep ident
10180 ?        S      0:00 identd
10181 ?        S      0:00 identd
10182 ?        R      0:06 identd
10183 ?        S      0:00 identd
10184 ?        S      0:00 identd
10185 ?        S      0:00 identd
10186 ?        S      0:00 identd
10187 ?        S      0:00 identd

10182 seems to be stuck in a loop


Mike.
-- 
... somehow I have a feeling the hurting hasn't even begun yet
	-- Bill, "The Terrible Thunderlizards"


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to Herbert Xu <herbert@gondor.apana.org.au>:
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #10 received at 44854@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: Miquel van Smoorenburg <miquels@cistron.nl>, 44854@bugs.debian.org
Subject: Re: pidentd: returns wrong user-id, and hangs/crashes
Date: Fri, 17 Sep 1999 08:17:47 +1000

severity 44854 normal
quit

On Sat, Sep 11, 1999 at 12:23:52PM +0200, Miquel van Smoorenburg wrote:
> Package: pidentd
> Version: 3.0.4-1
> Severity: grave
> 
> Pidentd returns "root" as the userid when checking an rlogin session.
> Example:
> 
> % whoami
> miquels
> % rlogin defiant
> You are NOT allowed to rlogin to this machine!
> 
> On defiant:
> Sep 11 12:07:06 defiant in.rlogind[1428]: refused connect from root@picard.cistron.nl

This is how the old identd worked.  I don't see how this is a grave bug
though.

> Another thing is that after a couple of connects there are a lot of
> instances of identd and they seem to hang. In fact, as I am typing this
> identd doesn't work anymore at all:
> 
> # ps ax| grep ident
> 10180 ?        S      0:00 identd
> 10181 ?        S      0:00 identd
> 10182 ?        R      0:06 identd
> 10183 ?        S      0:00 identd
> 10184 ?        S      0:00 identd
> 10185 ?        S      0:00 identd
> 10186 ?        S      0:00 identd
> 10187 ?        S      0:00 identd
> 
> 10182 seems to be stuck in a loop

OK, I'll look into this one.  But it's not grave either since identd will
exit after two minutes of inactivity..
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to Herbert Xu <herbert@gondor.apana.org.au>:
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #15 received at 44854@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: Miquel van Smoorenburg <miquels@cistron.nl>, 44854@bugs.debian.org
Subject: Re: pidentd: returns wrong user-id, and hangs/crashes
Date: Fri, 17 Sep 1999 08:21:29 +1000

On Sat, Sep 11, 1999 at 12:23:52PM +0200, Miquel van Smoorenburg wrote:
> 
> # ps ax| grep ident
> 10180 ?        S      0:00 identd
> 10181 ?        S      0:00 identd
> 10182 ?        R      0:06 identd
> 10183 ?        S      0:00 identd
> 10184 ?        S      0:00 identd
> 10185 ?        S      0:00 identd
> 10186 ?        S      0:00 identd
> 10187 ?        S      0:00 identd
> 
> 10182 seems to be stuck in a loop

Please enable debugging with -d to help me see what's happening with 10182.
Thanks.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Severity set to `normal'. Request was from Herbert Xu <herbert@gondor.apana.org.au> to control@bugs.debian.org.


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to Herbert Xu <herbert@gondor.apana.org.au>:
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #22 received at 44854@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: Miquel van Smoorenburg <miquels@cistron.nl>, 44854@bugs.debian.org
Subject: Re: pidentd: returns wrong user-id, and hangs/crashes
Date: Fri, 17 Sep 1999 09:35:46 +1000

On Fri, Sep 17, 1999 at 08:17:47AM +1000, Herbert Xu wrote:
> 
> On Sat, Sep 11, 1999 at 12:23:52PM +0200, Miquel van Smoorenburg wrote:
> > 
> > Pidentd returns "root" as the userid when checking an rlogin session.
> 
> This is how the old identd worked.  I don't see how this is a grave bug
> though.

This is not easy to fix without help from the kernel because the only
easily accessible interface /proc/net/tcp lists euids rather than uids.
It is possible to use the inode available from the same file to scan through
/proc/*/fd and find the process, but this is both slow and requires root
privilege.

So the only way this is going to be fixed is if someone can convince the
kernel people to display uids in /proc/net/tcp instead of or alongside the
euids.

> > Another thing is that after a couple of connects there are a lot of
> > instances of identd and they seem to hang. In fact, as I am typing this
> > identd doesn't work anymore at all:
> > 
> > # ps ax| grep ident
> > 10180 ?        S      0:00 identd
> > 10181 ?        S      0:00 identd
> > 10182 ?        R      0:06 identd
> > 10183 ?        S      0:00 identd
> > 10184 ?        S      0:00 identd
> > 10185 ?        S      0:00 identd
> > 10186 ?        S      0:00 identd
> > 10187 ?        S      0:00 identd
> > 
> > 10182 seems to be stuck in a loop

Found the problem, pidentd was checking for EINTR after an fgets!
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
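
Added example (not part of the original message and not pidentd's code): the lookup described in message #22, reading the uid and socket inode for a connection from /proc/net/tcp, then the slow /proc/*/fd walk that maps the inode back to a process. It assumes the modern Linux /proc/net/tcp column layout; the function names and the sample rows are constructed for illustration.

```c
/* Added example, not pidentd source. Assumes the modern Linux
 * /proc/net/tcp column layout; all names here are hypothetical. */
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Constructed sample: an ident listener, a setuid rlogin client
 * (1023 -> 513) and an ordinary client (35898 -> 22). */
const char SAMPLE_PROC_NET_TCP[] =
"  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
"   0: 00000000:0071 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1201\n"
"   1: 0200000A:03FF 0300000A:0201 01 00000000:00000000 00:00000000 00000000     0        0 4711\n"
"   2: 0200000A:8C3A 0300000A:0016 01 00000000:00000000 00:00000000 00000000  1000        0 4712\n";

struct tcp_owner { unsigned uid; unsigned long inode; };

/* Find the row whose local/remote ports match and return the uid and
 * socket inode the kernel recorded for it. Returns 1 if found, else 0. */
int lookup_tcp_owner(const char *table, unsigned lport, unsigned rport,
                     struct tcp_owner *out)
{
    const char *p = table;
    while (*p) {
        char line[256];
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        size_t n = len < sizeof line - 1 ? len : sizeof line - 1;
        unsigned lp, rp, uid;
        unsigned long inode;

        memcpy(line, p, n);
        line[n] = '\0';
        /* The header row fails the first conversion and is skipped. */
        if (sscanf(line, " %*d: %*x:%x %*x:%x %*x %*x:%*x %*x:%*x %*x %u %*d %lu",
                   &lp, &rp, &uid, &inode) == 4 &&
            lp == lport && rp == rport) {
            out->uid = uid;
            out->inode = inode;
            return 1;
        }
        p += len;
        if (*p == '\n')
            p++;
    }
    return 0;
}

/* Slow path from the thread: walk /proc/<pid>/fd looking for a
 * "socket:[inode]" link. Other users' processes are only visible to
 * root. Returns the owning pid, or -1 if none was found. */
long find_pid_by_socket_inode(unsigned long inode)
{
    char want[64], path[280], lpath[600], link[64];
    DIR *proc = opendir("/proc"), *fds;
    struct dirent *p, *f;
    long found = -1;

    if (!proc)
        return -1;
    snprintf(want, sizeof want, "socket:[%lu]", inode);
    while (found < 0 && (p = readdir(proc)) != NULL) {
        if (p->d_name[0] < '0' || p->d_name[0] > '9')
            continue;                      /* not a pid directory */
        snprintf(path, sizeof path, "/proc/%s/fd", p->d_name);
        if (!(fds = opendir(path)))
            continue;                      /* not ours and we are not root */
        while (found < 0 && (f = readdir(fds)) != NULL) {
            ssize_t n;
            snprintf(lpath, sizeof lpath, "%s/%s", path, f->d_name);
            n = readlink(lpath, link, sizeof link - 1);
            if (n > 0) {
                link[n] = '\0';
                if (strcmp(link, want) == 0)
                    found = atol(p->d_name);
            }
        }
        closedir(fds);
    }
    closedir(proc);
    return found;
}

int main(void)
{
    struct tcp_owner o;
    if (lookup_tcp_owner(SAMPLE_PROC_NET_TCP, 1023, 513, &o))
        printf("rlogin connection: uid=%u inode=%lu\n", o.uid, o.inode);
    return 0;
}
```

On a live host, pass the contents of /proc/net/tcp instead of the sample and feed the returned inode to find_pid_by_socket_inode().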


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to miquels@cistron.nl (Miquel van Smoorenburg):
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #27 received at submit@bugs.debian.org:

From: miquels@cistron.nl (Miquel van Smoorenburg)
To: submit@bugs.debian.org
Subject: Re: Bug#44854: pidentd: returns wrong user-id, and hangs/crashes
Date: 17 Sep 1999 12:49:00 +0200

In article <cistron.19990917093546.A30630@gondor.apana.org.au>,
Herbert Xu  <herbert@gondor.apana.org.au> wrote:
>On Fri, Sep 17, 1999 at 08:17:47AM +1000, Herbert Xu wrote:
>> 
>> On Sat, Sep 11, 1999 at 12:23:52PM +0200, Miquel van Smoorenburg wrote:
>> > 
>> > Pidentd returns "root" as the userid when checking an rlogin session.
>> 
>> This is how the old identd worked.  I don't see how this is a grave bug
>> though.
>
>This is not easy to fix without help from the kernel because the only
>easily accessible interface /proc/net/tcp lists euids rather than uids.
>It is possible to use the inode available from the same file to scan through
>/proc/*/fd and find the process, but this is both slow and requires root
>privilege.

In that case, it's a bug in rlogin. It used to work; it stopped after
I upgraded the machine on which rlogin and identd run to potato.

I think that in slink, rlogin ran with euid = uid at the moment that
it connected to the remote host. In potato, rlogin probably runs with
euid = 0 at the moment it connects to the remote host. If the remote
host then uses ident to look up the userid belonging to the connection,
it will get "root" returned, which is wrong.

Will you reassign this bug to rlogin, or should I open a new
bug report?

>> > 10182 seems to be stuck in a loop
>
>Found the problem, pidentd was checking for EINTR after an fgets!

Ah great, so that will be fixed in the next release? Thanks a lot.

Mike.
-- 
... somehow I have a feeling the hurting hasn't even begun yet
	-- Bill, "The Terrible Thunderlizards"


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to Herbert Xu <herbert@gondor.apana.org.au>:
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #32 received at 44854@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: Miquel van Smoorenburg <miquels@cistron.nl>, 44854@bugs.debian.org
Subject: Re: Bug#44854: pidentd: returns wrong user-id, and hangs/crashes
Date: Fri, 17 Sep 1999 21:15:17 +1000

On Fri, Sep 17, 1999 at 12:49:07PM +0200, Miquel van Smoorenburg wrote:
> 
> In that case, it's a bug in rlogin. It used to work; it stopped after
> I upgraded the machine on which rlogin and identd run to potato.

It doesn't work for me with 3.07-7slink3 and r* hasn't changed in slink
since I took over the package.  If possible can you please find the
exact version of rlogin that worked for you?

> I think that in slink, rlogin ran with euid = uid at the moment that
> it connected to the remote host. In potato, rlogin probably runs with
> euid = 0 at the moment it connects to the remote host. If the remote
> host then uses ident to look up the userid belonging to the connection,
> it will get "root" returned, which is wrong.

Not possible because rcmd does all the work and your euid has to be root
before you enter rcmd.

The only right fix as far as I can see is to make the kernel export the
real uid but this of course requires some changes from the upstream kernel
people.

> >Found the problem, pidentd was checking for EINTR after an fgets!
> 
> Ah great, so that will be fixed in the next release? Thanks a lot.

Yep.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Merged 44617 44854. Request was from Herbert Xu <herbert@gondor.apana.org.au> to control@bugs.debian.org.


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to miquels@cistron.nl (Miquel van Smoorenburg):
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #39 received at submit@bugs.debian.org:

From: miquels@cistron.nl (Miquel van Smoorenburg)
To: submit@bugs.debian.org
Subject: Re: Bug#44854: pidentd: returns wrong user-id, and hangs/crashes
Date: 17 Sep 1999 19:24:36 +0200

In article <cistron.19990917211517.B13009@gondor.apana.org.au>,
Herbert Xu  <herbert@gondor.apana.org.au> wrote:
>On Fri, Sep 17, 1999 at 12:49:07PM +0200, Miquel van Smoorenburg wrote:
>> 
>> In that case, it's a bug in rlogin. It used to work; it stopped after
>> I upgraded the machine on which rlogin and identd run to potato.
>
>It doesn't work for me with 3.07-7slink3 and r* hasn't changed in slink
>since I took over the package.  If possible can you please find the
>exact version of rlogin that worked for you?

You are right (again). Rlogin is fine - it's GNU libc that changed its
behaviour, the same rlogin binary (from slink) works fine on a slink
system and gives the ident problem on a potato system.

So it's rcmd() in glibc that should switch euid to real uid when opening
the TCP connection, probably with setresuid().

Hmm, I just checked the source of rcmd() in glibc 2.0 and 2.1 -
they are the same. Something weird is going on. More later -
Buffy the vampire slayer is on now ;)

Mike.
-- 
... somehow I have a feeling the hurting hasn't even begun yet
	-- Bill, "The Terrible Thunderlizards"


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to miquels@cistron.nl (Miquel van Smoorenburg):
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #44 received at submit@bugs.debian.org:

From: miquels@cistron.nl (Miquel van Smoorenburg)
To: submit@bugs.debian.org
Subject: Re: Bug#44854: pidentd: returns wrong user-id, and hangs/crashes
Date: 17 Sep 1999 21:42:47 +0200

In article <cistron.7rttgk$aqc$1@defiant.cistron.net>,
Miquel van Smoorenburg <miquels@cistron.nl> wrote:
>You are right (again). Rlogin is fine - it's GNU libc that changed its
>behaviour, the same rlogin binary (from slink) works fine on a slink
>system and gives the ident problem on a potato system.

.. but the slink system is running 2.0.37, and the potato system
is running 2.2.x. Which as it turns out makes the difference.
(See ksrc://2.2.x/linux/net/socket.c:sock_alloc() in 2.0.x and 2.2.x)

>So it's rcmd() in glibc that should switch euid to real uid when opening
>the TCP connection, probably with setresuid().

I think this is the only fix. Would it be reasonable to report
a bug against glibc (with a patch), or would the glibc people
claim the patch is not relevant and that we should fix identd
and/or the kernel ?

Mike.
-- 
... somehow I have a feeling the hurting hasn't even begun yet
	-- Bill, "The Terrible Thunderlizards"


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to Herbert Xu <herbert@gondor.apana.org.au>:
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #49 received at 44854@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: Miquel van Smoorenburg <miquels@cistron.nl>, 44854@bugs.debian.org
Subject: Re: Bug#44854: pidentd: returns wrong user-id, and hangs/crashes
Date: Sat, 18 Sep 1999 07:47:03 +1000

unmerge 44854
quit

On Fri, Sep 17, 1999 at 09:42:47PM +0200, Miquel van Smoorenburg wrote:
> 
> .. but the slink system is running 2.0.37, and the potato system
> is running 2.2.x. Which as it turns out makes the difference.
> (See ksrc://2.2.x/linux/net/socket.c:sock_alloc() in 2.0.x and 2.2.x)

Yes we have a dilemma here.  We can either change the kernel to use the uid
instead of the fsuid, or we can change rlogin or glibc to do a setfsuid.
It seems to me that doing it in glibc is at least more preferable than
doing it in rlogin because setfsuid/setfsgid is very much Linux specific.
Of course, you can also swap the uid/euid in glibc, but IMHO if you're going
to do it in the glibc anyway, it might as well be the Linux-specific
setfsuid.

> >So it's rcmd() in glibc that should switch euid to real uid when opening
> >the TCP connection, probably with setresuid().
> 
> I think this is the only fix. Would it be reasonable to report
> a bug against glibc (with a patch), or would the glibc people
> claim the patch is not relevant and that we should fix identd
> and/or the kernel ?

It's possible that they'll say that it should be fixed in the kernel.  But
it won't be a problem if they say it should be fixed in identd because it
can't be :)

Perhaps we should ask their opinion on this first?
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Disconnected #44854 from all other report(s). Request was from Herbert Xu <herbert@gondor.apana.org.au> to control@bugs.debian.org.


Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#44854; Package pidentd.


Acknowledgement sent to Herbert Xu <herbert@gondor.apana.org.au>:
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.


Message #56 received at 44854@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: Miquel van Smoorenburg <miquels@cistron.nl>, 44854@bugs.debian.org
Subject: Re: Bug#44854: pidentd: returns wrong user-id, and hangs/crashes
Date: Sun, 19 Sep 1999 09:09:57 +1000

reassign 44854 kernel-image-2.2.12
quit

On Sat, Sep 18, 1999 at 07:47:02AM +1000, Herbert Xu wrote:
> 
> It's possible that they'll say that it should be fixed in the kernel.  But
> it won't be a problem if they say it should be fixed in identd because it
> can't be :)
> 
> Perhaps we should ask their opinion on this first?

I'll reassign it to the kernel.

The change was introduced in 2.2.7.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Bug reassigned from package `pidentd' to `kernel-image-2.2.12'. Request was from Herbert Xu <herbert@gondor.apana.org.au> to control@bugs.debian.org.


Reply sent to 44854-forwarded@bugs.debian.org, Miquel van Smoorenburg <miquels@cistron.nl>:
You have marked Bug as forwarded.


Message #61 received at 44854-forwarded@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: alan@lxorguk.ukuu.org.uk
Cc: 44854-forwarded@bugs.debian.org, linux-kernel@vger.rutgers.edu, Miquel van Smoorenburg <miquels@cistron.nl>
Subject: uid change in sock_alloc breaks identd
Date: Sun, 19 Sep 1999 09:30:25 +1000

Hi:
	The following change introduced in 2.2.7 breaks identd on setuid
processes like rlogin.

--- net/socket.c    1999/03/09 17:20:19     1.1.1.1
+++ net/socket.c    1999/04/23 02:45:20     1.1.1.2
@@ -279,8 +279,8 @@

        inode->i_mode = S_IFSOCK|S_IRWXUGO;
        inode->i_sock = 1;
-       inode->i_uid = current->uid;
-       inode->i_gid = current->gid;
+       inode->i_uid = current->fsuid;
+       inode->i_gid = current->fsgid;
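
Review bot: the two replaced assignments switch the socket inode owner from current->uid to current->fsuid with no comment and no rationale in the visible change, even though this is the value userspace reads back as the owner of the socket. Please add a comment above `inode->i_uid = current->fsuid;` stating why the filesystem credentials are the intended owner, and document for setuid callers that a socket created while fsuid is still root will be attributed to root unless they set fsuid (or drop privileges) before creating it.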

/proc/net/tcp is the only (if there is another one, please let me know :)
easily accessible interface from userspace to find the uid of the creator
of a TCP connection.  identd returns information based on this.

Now in the case of a setuid client like rlogin, the real uid is the user
in question, while the euid and the fsuid are both root.  What identd should
return of course is the user's login name, not root.  This used to work fine 
because /proc/net/tcp returned i_uid, which was the real uid.  But the change
in 2.2.7 meant that it now returns root.

For more detail on this problem, please go to

http://www.debian.org/Bugs/db/44/44854.html

Now what I'd like to see is to have /proc/net/tcp again list the real uids
instead of the fsuids (if anyone actually has some use for the fsuids, maybe
you can list both of them).
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Message #62 received at 44854-forwarded@bugs.debian.org:

From: owner@bugs.debian.org (Debian Bug Tracking System)
To: 44854-forwarded@bugs.debian.org, Miquel van Smoorenburg <miquels@cistron.nl>
Subject: Bug#44854: marked as forwarded (pidentd: returns wrong user-id, and hangs/crashes)
Date: 18 Sep 1999 23:33:08 -0000

Your message dated Sun, 19 Sep 1999 09:30:25 +1000
with message-id <19990919093025.A5895@gondor.apana.org.au>
and subject line uid change in sock_alloc breaks identd
has caused the Debian Bug report #44854,
regarding pidentd: returns wrong user-id, and hangs/crashes
to be marked as having been forwarded to the upstream software
author(s) alan@lxorguk.ukuu.org.uk.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Darren Benham
(administrator, Debian Bugs database)


Message #63 received at 44854-forwarded@bugs.debian.org:

From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: miquels@cistron.nl
Cc: alan@lxorguk.ukuu.org.uk, 44854-forwarded@bugs.debian.org, linux-kernel@vger.rutgers.edu
Subject: Re: uid change in sock_alloc breaks identd
Date: Sun, 19 Sep 1999 00:41:29 +0100 (BST)

> -       inode->i_uid = current->uid;
> -       inode->i_gid = current->gid;
> +       inode->i_uid = current->fsuid;
> +       inode->i_gid = current->fsgid;
> 
> Now in the case of a setuid client like rlogin, the real uid is the user

Well your rlogin should have dropped back to the real user except for
the call to bind() 8). The above also fixes well designed apps where if you
ran them under su you got a wrong report 8)

Alan



Message #64 received at 44854-forwarded@bugs.debian.org:

From: Miquel van Smoorenburg <miquels@cistron.nl>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: 44854-forwarded@bugs.debian.org, linux-kernel@vger.rutgers.edu, Herbert Xu <herbert@gondor.apana.org.au>
Subject: Re: uid change in sock_alloc breaks identd
Date: Tue, 21 Sep 1999 23:00:06 +0200

According to Alan Cox:
> > -       inode->i_uid = current->uid;
> > -       inode->i_gid = current->gid;
> > +       inode->i_uid = current->fsuid;
> > +       inode->i_gid = current->fsgid;
> > 
> > Now in the case of a setuid client like rlogin, the real uid is the user
> 
> Well your rlogin should have dropped back to the real user except for
> the call to bind() 8).

Well the problem is that rlogin and rsh call the library function
rcmd(). That function _has_ to be called with euid == 0.

The above change in 2.2.7 simply broke GNU libc. All versions ..
For apparently no reason (AFAICS, IMHO etc)

> The above also fixes well designed apps where if you
> ran them under su you got a wrong report 8)

I don't understand, whatever you run under su runs with
uid == suid == euid == fsuid, right ?

Anyway, a Linux-specific fix in rlogin and rsh is possible by doing

	setfsuid(getuid());
	.. rcmd() ..
	setfsuid(geteuid());

That will work under all kernels, and will not break stuff
when the rcmd() function in glibc is fixed (or the kernel.....)

So Herbert, please fix rlogin and rsh :]

Mike.
-- 
... somehow I have a feeling the hurting hasn't even begun yet
	-- Bill, "The Terrible Thunderlizards"
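
Added example (not part of the original message and not the rsh-client fix itself): the setfsuid() bracket proposed in message #64, with a plain socket() call standing in for rcmd() so that the effect can be observed locally with fstat(). The function name is hypothetical; unlike the sketch in the message, it restores the fsuid value that setfsuid() returned rather than geteuid().

```c
/* Added example: a socket's inode owner follows the caller's fsuid at
 * socket() time. socket() stands in for rcmd(); names are hypothetical. */
#include <stdio.h>
#include <sys/fsuid.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create a socket while fsuid is `want` and report the uid recorded on
 * the socket inode. Returns 0 on success, -1 on any failure. */
int socket_owner_with_fsuid(uid_t want, uid_t *owner)
{
    struct stat st;
    int prev = setfsuid(want);  /* returns the previous fsuid, never an error */
    int fd, rc = -1;

    /* setfsuid() fails silently, so ask again: a second call returns the
     * value now in force, which must be `want` if the switch worked. */
    if ((uid_t)setfsuid(want) != want) {
        setfsuid(prev);
        return -1;
    }

    fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)  /* no IPv4 here: any family is allocated the same way */
        fd = socket(AF_UNIX, SOCK_STREAM, 0);

    setfsuid(prev);             /* restore before doing anything else */
    if (fd < 0)
        return -1;

    if (fstat(fd, &st) == 0) {
        *owner = st.st_uid;     /* the owner /proc/net/tcp would report */
        rc = 0;
    }
    close(fd);
    return rc;
}

int main(void)
{
    uid_t as_euid, as_ruid;

    /* Installed setuid root, the two results differ: root for the first,
     * the invoking user for the second. */
    if (socket_owner_with_fsuid(geteuid(), &as_euid) == 0 &&
        socket_owner_with_fsuid(getuid(), &as_ruid) == 0)
        printf("ruid=%u euid=%u: owner %u with fsuid=euid, %u with fsuid=ruid\n",
               (unsigned)getuid(), (unsigned)geteuid(),
               (unsigned)as_euid, (unsigned)as_ruid);
    return 0;
}
```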


Message #65 received at 44854-forwarded@bugs.debian.org:

From: allbery@kf8nh.apk.net
To: miquels@cistron.nl
Cc: alan@lxorguk.ukuu.org.uk, 44854-forwarded@bugs.debian.org, linux-kernel@vger.rutgers.edu, herbert@gondor.apana.org.au
Subject: Re: uid change in sock_alloc breaks identd
Date: Tue, 21 Sep 1999 18:01:46 -0400 (EDT)

On 21 Sep, Miquel van Smoorenburg wrote:
+-----
|  Anyway, a Linux-specific fix in rlogin and rsh is possible by doing
|  
|  	setfsuid(getuid());
|  	.. rcmd() ..
|  	setfsuid(geteuid());
|  
|  That will work under all kernels, and will not break stuff
|  when the rcmd() function in glibc is fixed (or the kernel.....)
|  
|  So Herbert, please fix rlogin and rsh :]
+--->8

"All the world's a Linux" --- NOT.  I hope that proto-smiley is for
real....

-- 
brandon s. allbery	   os/2,linux,solaris,perl	allbery@kf8nh.apk.net
system administrator	   kthkrb,heimdal,gnome,rt	  allbery@ece.cmu.edu
carnegie mellon / electrical and computer engineering			kf8nh
    We are Linux. Resistance is an indication that you missed the point.



Removed annotation that Bug had been forwarded to alan@lxorguk.ukuu.org.uk. Request was from Herbert Xu <herbert@gondor.apana.org.au> to control@bugs.debian.org.


Bug reassigned from package `kernel-image-2.2.12' to `rsh-client'. Request was from Herbert Xu <herbert@gondor.apana.org.au> to control@bugs.debian.org.


Reply sent to Herbert Xu <herbert@gondor.apana.org.au>:
You have taken responsibility.


Notification sent to Miquel van Smoorenburg <miquels@cistron.nl>:
Bug acknowledged by developer.


Message #74 received at 44854-done@bugs.debian.org:

From: Herbert Xu <herbert@gondor.apana.org.au>
To: 44854-done@bugs.debian.org
Subject: Re: uid change in sock_alloc breaks identd
Date: Fri, 24 Sep 1999 08:35:34 +1000

On Tue, Sep 21, 1999 at 11:00:06PM +0200, Miquel van Smoorenburg wrote:
> 
> So Herbert, please fix rlogin and rsh :]

Done.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 27 20:24:55 2024; Machine Name: bembo
