Date: Sat, 10 Aug 1996 00:54:20 -0700 (PDT) From: Peter Wemm <peter> To: CVS-committers, cvs-all, cvs-usrbin Subject: cvs commit: src/usr.bin/rdist rshrcmd.c Makefile defs.h docmd.c expand.c gram.y lookup.c main.c pathnames.h rdist.1 server.c Message-ID: <199608100754.AAA17492@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
peter 96/08/10 00:54:20
Modified: usr.bin/rdist Makefile defs.h docmd.c expand.c gram.y
lookup.c main.c pathnames.h rdist.1 server.c
Added: usr.bin/rdist rshrcmd.c
Log:
Remove the need for rdist(1) to run setuid, thus completely closing any
possibility of a security hole. It now does what rdist-6 does, and calls
/usr/bin/rsh if not running as root. There are NO protocol changes, this
is 100% compatable with the old rdist, except that it does not need setuid
root privs.
However, there are some minor differences to the base rdist-6 code in that
if it is being run by root, it will call rcmd(3) directly rather than
piping everything through rsh(1). This is a little more efficient as it
doesn't involve context switching on pipe reads/writes.
Also, the -P option was added from rdist-6.1.2, which allows an alternative
rsh program to be specified, such as ssh. Note that it requires the fixes
to the ssh port to disable the unconditional USE_PIPES option that was
recently added. The rcmd(3) optimisation is disabled if a non-rsh program
is speficied.
Revision Changes Path
1.3 +8 -4 src/usr.bin/rdist/Makefile
1.3 +9 -0 src/usr.bin/rdist/defs.h
1.5 +60 -5 src/usr.bin/rdist/docmd.c
1.3 +8 -8 src/usr.bin/rdist/expand.c
1.3 +3 -3 src/usr.bin/rdist/gram.y
1.3 +2 -2 src/usr.bin/rdist/lookup.c
1.2 +11 -3 src/usr.bin/rdist/main.c
1.2 +1 -0 src/usr.bin/rdist/pathnames.h
1.3 +9 -3 src/usr.bin/rdist/rdist.1
1.4 +15 -15 src/usr.bin/rdist/server.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608100754.AAA17492>