From owner-freebsd-questions  Fri Jul  3 00:03:41 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA27877
          for freebsd-questions-outgoing; Fri, 3 Jul 1998 00:03:41 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from gatekeeper.falcon.com (appp8.sysnet.net [206.142.16.27])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA27851
          for <freebsd-questions@freebsd.org>; Fri, 3 Jul 1998 00:03:37 -0700 (PDT)
          (envelope-from patton@sysnet.net)
Received: from [192.168.1.10] ([192.168.1.10])
	by gatekeeper.falcon.com (8.8.8/8.8.5) with ESMTP id CAA19301
	for <freebsd-questions@freebsd.org>; Fri, 3 Jul 1998 02:55:16 -0400 (EDT)
X-Sender: patton@mail.sysnet.net (Unverified)
Message-Id: <l03110704b1c0df8abe35@[192.168.1.10]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Thu, 2 Jul 1998 03:07:42 -0400
To: freebsd-questions@FreeBSD.ORG
From: Matthew Patton <patton@sysnet.net>
Subject: CVS and suid behavior of rsh
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Forgive me if this is not the correct forum but I don't see a list for
developers in the hierarchy...

My primary OS is OpenBSD, FWIW.

I noticed that when I tried to grab updated sources via anoncvs, rsh was
opening a connection on a low port. Given how rsh does "authentication" and
is suid root this is understandable behavior. I'm sitting behind a FW that
prohibits anything origining below 1024, however. So I UNsuid'd it and rsh
promptly blew up with a SIOCTL error.

In OpenBSD, we don't use rsh but ssh instead. It's been so long since I've
used 'traditional' rsh but if memory serves the program does work even if
not suid. Though being able to talk to the daemon on the other end may be
problematic.

So is there anyone in the anoncvs userbase who would prefer to ssh instead?
What are my options aside from letting outbound connections from low ports?

--------
It is by caffeine alone I set my mind in motion, it is by the beans of Java
that thoughts acquire speed, the hands acquire shaking, the shaking becomes
a warning, it is by caffeine alone I set my mind in motion.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message