This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
ruserok bug
- To: libc-alpha at sourceware dot cygnus dot com
- Subject: ruserok bug
- From: Olaf Kirch <okir at flash dot lst dot de>
- Date: Tue, 29 Aug 2000 16:38:09 +0200
>Submitter-Id: net
>Originator: Olaf Kirch
>Organization: Caldera Systems, Inc
>Confidential: no
>Synopsis: ruserok bug
>Severity: serious
>Priority: medium
>Category: libc
>Class: sw-bug
>Release: libc-2.1.91
>Environment:
Caldera Linux Technology Preview
Host type: i386-pc-linux-gnu
System: Linux flash.lst.de 2.4.0 #1 SMP Wed Jul 12 16:46:34 CEST 2000 i686 unknown
Architecture: i686
Addons: linuxthreads
Build CFLAGS: -O2 -march=i386 -mcpu=pentiumpro
Build CC: gcc
Compiler version: 2.95.2 19991024 (release)
Kernel headers: 2.4.0
Symbol versioning: yes
Build static: yes
Build shared: yes
Build pic-default: no
Build profile: yes
Build omitfp: no
Build bounded: no
Build static-nss: no
Stdio: libio
>Description:
The ruserok() function in glibc-2.1.91 is buggy.
"rsh localhost ls" always gives me permission denied even
though localhost is listed.
The bug is that when checking a host, glibc wants
to be clever and check IP address entries in .rhosts
without consulting the name server.
What it does is
if (remote addr can be represented as ASCII) {
if (equal to host from .rhosts file)
return 1;
return -1;
}
So basically ruserok works for .rhosts files that contain
IP addrs but nothing else.
The Fix section contains a patch for this problem.
>How-To-Repeat:
With glibc 2.1.91 and netkit-rsh-1.16 on Linux, try
$ echo localhost >> .rhosts
$ rsh localhost ls
Permission denied
>Fix:
--- rcmd.c.orig Tue Aug 29 16:13:21 2000
+++ rcmd.c Tue Aug 29 16:07:30 2000
@@ -615,8 +615,9 @@
/* XXX */
if (getnameinfo(ra, ralen,
raddr, sizeof(raddr), NULL, 0,
- NI_NUMERICHOST) == 0)
- return negate * (strcmp(raddr, lhost) == 0);
+ NI_NUMERICHOST) == 0
+ && strcmp(raddr, lhost) == 0)
+ return negate;
/* Better be a hostname. */
match = 0;