Bug#298985: libc6-dev: ruserok fails when hosts.equiv and .rhosts are symlinks
At Mon, 14 Mar 2005 09:51:12 -0800,
Ryan Lovett wrote:
> On Mon, Mar 14, 2005 at 11:10:50PM +0900, GOTO Masanori wrote:
> > At Thu, 10 Mar 2005 15:11:06 -0800,
> > Ryan Lovett wrote:
> > > I don't know if this is intentional, but if /etc/hosts.equiv or .rhosts
> > > are symlinks, ruserok fails. Moving the target of the link into place
> > > causes ruserok to succeed.
> >
> > ruserok() does not accept it when it's not a regular file.
>
> What is the reason for this? Is this a security feature or buggy behavior?

This behavior has been described in man rcmd(3). This rule has been
applied for a long time without objections. It's glibc's feature.

> > > Symlinks are fine on Solaris.
> >
> > The behavior of ruserok is OS-dependent, so Solaris is not related
> > to this report.
>
> I know that it's libC dependent, but I thought I'd give an example of
> another OS whose libC doesn't have this behavior. Why does glibc's ruserok
> behave this way with respect to links? Is it a security issue?

BSD* have the same behavior as glibc for symlink handling due to
security considerations.

Regards,
-- gotom
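
The regular-file rule discussed in this thread, sketched as an added example (not glibc's code and not from any message above). It refuses a symlinked trust file by checking the path with lstat() and then re-checking the opened descriptor. The names `open_trust_file` and `demo_symlink_rejected` and the temporary paths are hypothetical.

```c
/* Added sketch, not glibc's source: open a trust file only if it is regular. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper. Returns an fd, or -1 if the path is a symlink or any
 * other non-regular file, or is writable by group/other (see rcmd(3)). */
int open_trust_file(const char *path)
{
    struct stat lst, fst;
    /* lstat() reports on the link itself, so a symlink is never S_ISREG. */
    if (lstat(path, &lst) != 0 || !S_ISREG(lst.st_mode))
        return -1;
    /* O_NOFOLLOW covers a swap to a symlink after lstat(); O_NONBLOCK keeps
     * a swapped-in FIFO from blocking the open. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* Confirm the opened object is the same regular file lstat() saw. */
    if (fstat(fd, &fst) != 0 || !S_ISREG(fst.st_mode) ||
        fst.st_dev != lst.st_dev || fst.st_ino != lst.st_ino ||
        (fst.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed case: a regular file plus a symlink to it in a temp directory.
 * Returns 1 when the file is accepted and the symlink rejected. */
int demo_symlink_rejected(void)
{
    char dir[] = "/tmp/trustdemoXXXXXX", file[64], lnk[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(file, sizeof file, "%s/rhosts.real", dir);
    snprintf(lnk, sizeof lnk, "%s/.rhosts", dir);
    int fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || symlink(file, lnk) != 0)
        return -1;
    close(fd);
    int real_fd = open_trust_file(file);
    int link_fd = open_trust_file(lnk);
    if (real_fd >= 0) close(real_fd);
    unlink(lnk); unlink(file); rmdir(dir);
    return real_fd >= 0 && link_fd == -1;
}
```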