Bug#298985: marked as done (libc6-dev: ruserok failes when hosts.equiv and .rhosts are symlinks)
Your message dated Thu, 17 Mar 2005 10:09:45 +0900
with message-id <81mzt384di.wl@omega.webmasters.gr.jp>
and subject line Bug#298985: libc6-dev: ruserok failes when hosts.equiv and .rhosts are symlinks
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 10 Mar 2005 23:11:38 +0000
>From ryan@stat.berkeley.edu Thu Mar 10 15:11:38 2005
Return-path: <ryan@stat.berkeley.edu>
Received: from gandalf.berkeley.edu [128.32.135.47]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D9Woc-0006QO-00; Thu, 10 Mar 2005 15:11:38 -0800
Received: from morgoth.berkeley.edu (morgoth.berkeley.edu [128.32.135.41])
by gandalf.Berkeley.EDU (8.11.7p1+Sun/8.11.7) with ESMTP id j2ANB7L02272;
Thu, 10 Mar 2005 15:11:07 -0800 (PST)
Received: from morgoth.berkeley.edu (localhost.Berkeley.EDU [127.0.0.1])
by morgoth.berkeley.edu (8.13.2/8.13.2/Debian-1) with ESMTP id j2ANB7V2025509;
Thu, 10 Mar 2005 15:11:07 -0800
Received: (from ryan@localhost)
by morgoth.berkeley.edu (8.13.2/8.13.2/Submit) id j2ANB6LH025506;
Thu, 10 Mar 2005 15:11:06 -0800
Message-Id: <[🔎] 200503102311.j2ANB6LH025506@morgoth.berkeley.edu>
X-Authentication-Warning: morgoth.berkeley.edu: ryan set sender to ryan@stat.berkeley.edu using -f
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Ryan Lovett <ryan@stat.Berkeley.EDU>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libc6-dev: ruserok failes when hosts.equiv and .rhosts are symlinks
X-Mailer: reportbug 3.5
Date: Thu, 10 Mar 2005 15:11:06 -0800
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: libc6-dev
Version: 2.3.2.ds1-19.0.0.2.pure64
Severity: normal
I don't know if this is intentional, but if /etc/hosts.equiv or .rhosts
are symlinks, ruserok fails. Moving the target of the link into place
causes ruserok to succeed. ruserok also succeeds if hard links are used.
Symlinks are fine on Solaris.
-- System Information:
Debian Release: 3.1
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.9-9-amd64-k8-smp
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages libc6-dev depends on:
ii libc6 2.3.2.ds1-19.0.0.2.pure64 GNU C Library: Shared libraries an
ii linux-kernel-h 2.5.999-test7-bk-17 Linux Kernel Headers for developme
-- no debconf information
---------------------------------------
Received: (at 298985-done) by bugs.debian.org; 17 Mar 2005 01:09:47 +0000
>From gotom@debian.or.jp Wed Mar 16 17:09:47 2005
Return-path: <gotom@debian.or.jp>
Received: from omega.webmasters.gr.jp (webmasters.gr.jp) [218.44.239.78]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DBjWF-0002pr-00; Wed, 16 Mar 2005 17:09:47 -0800
Received: from omega.webmasters.gr.jp (localhost [127.0.0.1])
by webmasters.gr.jp (Postfix) with ESMTP
id B9386DEB1B; Thu, 17 Mar 2005 10:09:45 +0900 (JST)
Date: Thu, 17 Mar 2005 10:09:45 +0900
Message-ID: <81mzt384di.wl@omega.webmasters.gr.jp>
From: GOTO Masanori <gotom@debian.or.jp>
To: Ryan Lovett <ryan@stat.Berkeley.EDU>
Cc: GOTO Masanori <gotom@debian.or.jp>, 298985-done@bugs.debian.org
Subject: Re: Bug#298985: libc6-dev: ruserok failes when hosts.equiv and .rhosts are symlinks
In-Reply-To: <[🔎] 81sm2x4ut5.wl@omega.webmasters.gr.jp>
References: <[🔎] 200503102311.j2ANB6LH025506@morgoth.berkeley.edu>
<[🔎] 81wtsa48t1.wl@omega.webmasters.gr.jp>
<[🔎] 20050314175112.GA12662@stat.berkeley.edu>
<[🔎] 81sm2x4ut5.wl@omega.webmasters.gr.jp>
User-Agent: Wanderlust/2.9.9 (Unchained Melody) SEMI/1.14.3 (Ushinoya)
FLIM/1.14.3 (=?ISO-8859-4?Q?Unebigory=F2mae?=) APEL/10.3 Emacs/21.2
(i386-debian-linux-gnu) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya")
Content-Type: text/plain; charset=US-ASCII
Delivered-To: 298985-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
At Tue, 15 Mar 2005 09:27:50 +0900,
GOTO Masanori wrote:
> At Mon, 14 Mar 2005 09:51:12 -0800,
> Ryan Lovett wrote:
> > On Mon, Mar 14, 2005 at 11:10:50PM +0900, GOTO Masanori wrote:
> > > At Thu, 10 Mar 2005 15:11:06 -0800,
> > > Ryan Lovett wrote:
> > > > I don't know if this is intentional, but if /etc/hosts.equiv or .rhosts
> > > > are symlinks, ruserok fails. Moving the target of the link into place
> > > > causes ruserok to succeed.
> > >
> > > ruserok() does not accept when it's not regular file.
> >
> > What is the reason for this? Is this a security feature or buggy behavior?
>
> This behavior has been described in man rcmd(3). This rules has been
> applied for a long time without objections. It's glibc's feature.
>
> > > > Symlinks are fine on Solaris.
> > >
> > > The behaivor of ruserok is OS-dependent, so Solaris is not related
> > > with this report.
> >
> > I know that its libC dependent, but I thought I'd give an example of
> > another OS whose libC doesn't have this behavior. Why does glibc's ruserok
> > behave this way with respect to links? Is it a security issue?
>
> BSD* have the same behavior with glibc for symlink handling due to
> security consideration.
With above reasons, I close this report. If you wonder it should be
fixed, please reopen the bug and describe what the bug is.
Regards,
-- gotom
Reply to: