This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

ruserok bug


>Submitter-Id:	net
>Originator:	Olaf Kirch
>Organization:	Caldera Systems, Inc
>Confidential:	no
>Synopsis:	ruserok bug
>Severity:	serious
>Priority:	medium
>Category:	libc
>Class:		sw-bug
>Release:	libc-2.1.91
>Environment:

	Caldera Linux Technology Preview
Host type: i386-pc-linux-gnu
System: Linux flash.lst.de 2.4.0 #1 SMP Wed Jul 12 16:46:34 CEST 2000 i686 unknown
Architecture: i686

Addons: linuxthreads
Build CFLAGS: -O2 -march=i386 -mcpu=pentiumpro
Build CC: gcc
Compiler version: 2.95.2 19991024 (release)
Kernel headers: 2.4.0
Symbol versioning: yes
Build static: yes
Build shared: yes
Build pic-default: no
Build profile: yes
Build omitfp: no
Build bounded: no
Build static-nss: no
Stdio: libio

>Description:
        The ruserok() function in glibc-2.1.91 is buggy.
        "rsh localhost ls" always gives me permission denied even
        though localhost is listed.

        The bug is that when checking a host, glibc wants
        to be clever and check IP address entries in .rhosts
        without consulting the name server.

        What it does is

                if (remote addr can be represented as ASCII) {
                        if (equal to host from .rhosts file)
                                return 1;
                        return -1;
                }

        So basically ruserok works for .rhosts files that contain
        IP addrs but nothing else.

        The Fix section contains a patch for this problem.

>How-To-Repeat:
	With glibc 2.1.91 and netkit-rsh-1.16 on Linux, try

	$ echo localhost >> .rhosts
	$ rsh localhost ls
	Permission denied
>Fix:
--- rcmd.c.orig	Tue Aug 29 16:13:21 2000
+++ rcmd.c	Tue Aug 29 16:07:30 2000
@@ -615,8 +615,9 @@
 	/* XXX */
 	if (getnameinfo(ra, ralen,
 			raddr, sizeof(raddr), NULL, 0,
-			NI_NUMERICHOST) == 0)
-		return negate * (strcmp(raddr, lhost) == 0);
+			NI_NUMERICHOST) == 0
+	 && strcmp(raddr, lhost) == 0)
+		return negate;
 
 	/* Better be a hostname. */
 	match = 0;

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]