karrer@bernina.ethz.ch (Andreas Karrer) (04/07/91)
On my sun, I recently build a new shared libc.so that does hostname lookup by first searching /etc/hosts and then asking the DNS. I believe this is the Right Thing to do because: - you have hosts like "localhost" in /etc/hosts where they should be; - you don't do high-level protocol conversion as with the "B=-b" kludge. Almost everything (ping/telnet/rsh/rlogin/ftp etc) works fine EXCEPT rcp. Reason: % file /usr/ucb/rcp /usr/ucb/rsh /usr/ucb/rcp: sparc demand paged set-uid executable /usr/ucb/rsh: sparc pure dynamically linked set-uid executable oops - rcp does not use /usr/lib/libc.so.n.n.n... And I was beginning to hope we could throw away the hosts.* NIS maps... Is there any (security?) reason for rcp NOT being dynamically linked? Ok, rcp is setuid root, but then, so are rsh and rlogin. +----------- Andi Karrer, Communication Systems, ETH Zuerich, Switzerland karrer@bernina.ethz.ch
barmar@think.com (Barry Margolin) (04/08/91)
In article <1991Apr7.114340.3310@bernina.ethz.ch> karrer@bernina.ethz.ch (Andreas Karrer) writes: >Is there any (security?) reason for rcp NOT being dynamically linked? >Ok, rcp is setuid root, but then, so are rsh and rlogin. I think it's statically linked so that it can be used for disaster recovery. If you somehow trash your shared library you can use rcp to copy a new one from another machine on the net. The "right" thing to do is to create a statically-linked version in /sbin, but put a dynamically-linked version in /usr/ucb. -- Barry Margolin, Thinking Machines Corp. barmar@think.com {uunet,harvard}!think!barmar