This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

rshd chdirs before it sets uid and gid???


I was looking at the source (rshd.c) and it 
seems backwards in the way it goes about doing 
things. It is trying to chdir to the remote 
user's home directory before it switches user 
context. That doesn't make sense- I thought 
the point of rsh was that *you* were supposed 
to be *you* and not system or root or anyone 
else. 

This is how I understand what it is doing, 
please correct me if I am wrong.

First, it checks if it is able to chdir to 
the home directory of the remote user-

if (chdir(pwd->pw_dir) < 0) {
(void) chdir("/");
#ifdef __CYGWIN__
syslog(LOG_INFO|LOG_AUTH,
    "%s@%s as %s: no home directory. cmd='%.80s'",
    remuser, hostname, locuser, cmdbuf);
error("No remote directory.\n");
exit(1);
#endif
}

Then if CYGWIN is defined, it just exits????? 
Telnet does NOT do this, it just chdirs to "/" 
and allows you to continue. 

I am running into this problem because SYSTEM 
doesn't have rights to my home directory.

It seems that the following bit of code should 
come BEFORE the chdir stuff, so SYSTEM doesn't need 
to have rights to EVERY user's home directory. 

(void) setgid((gid_t)pwd->pw_gid);
initgroups(pwd->pw_name, pwd->pw_gid);
(void) setuid((uid_t)pwd->pw_uid);
strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);

I am looking at this from a common-sense point of 
view (which I know is dangerous when a microsoft 
product is in the mix)... but does rshd do this 
for a reason? It seems contrary to logic, but then 
again, I don't know the dancing that needs to be 
done to not get your toes stepped on by microsoft. 
Let me know the reasons behind this before I compile 
what looks to me like it would be a better version 
of rshd.

TIA,
Peter

-- 
Your mouse has moved.
Windows NT must be restarted for the change to take effect.
Reboot now?  [OK]

--

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]