Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin AT sources DOT redhat DOT com
Message-ID: <3BBE0260.D1C3D596@cportcorp.com>
Date: Fri, 05 Oct 2001 14:56:32 -0400
From: Peter Buckley <peter DOT buckley AT cportcorp DOT com>
X-Mailer: Mozilla 4.7 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: rshd chdirs before it sets uid and gid???
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

I was looking at the source (rshd.c) and it 
seems backwards in the way it goes about doing 
things. It is trying to chdir to the remote 
user's home directory before it switches user 
context. That doesn't make sense- I thought 
the point of rsh was that *you* were supposed 
to be *you* and not system or root or anyone 
else. 

This is how I understand what it is doing, 
please correct me if I am wrong.

First, it checks if it is able to chdir to 
the home directory of the remote user-

if (chdir(pwd->pw_dir) < 0) {
(void) chdir("/");
#ifdef __CYGWIN__
syslog(LOG_INFO|LOG_AUTH,
    "%s@%s as %s: no home directory. cmd='%.80s'",
    remuser, hostname, locuser, cmdbuf);
error("No remote directory.\n");
exit(1);
#endif
}

Then if CYGWIN is defined, it just exits????? 
Telnet does NOT do this, it just chdirs to "/" 
and allows you to continue. 

I am running into this problem because SYSTEM 
doesn't have rights to my home directory.

It seems that the following bit of code should 
come BEFORE the chdir stuff, so SYSTEM doesn't need 
to have rights to EVERY user's home directory. 

(void) setgid((gid_t)pwd->pw_gid);
initgroups(pwd->pw_name, pwd->pw_gid);
(void) setuid((uid_t)pwd->pw_uid);
strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);

I am looking at this from a common-sense point of 
view (which I know is dangerous when a microsoft 
product is in the mix)... but does rshd do this 
for a reason? It seems contrary to logic, but then 
again, I don't know the dancing that needs to be 
done to not get your toes stepped on by microsoft. 
Let me know the reasons behind this before I compile 
what looks to me like it would be a better version 
of rshd.

TIA,
Peter

-- 
Your mouse has moved.
Windows NT must be restarted for the change to take effect.
Reboot now?  [OK]

--

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/