Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!cs.utexas.edu!samsung!zaphod.mps.ohio-state.edu!rpi!sci.ccny.cuny.edu!phri!cmcl2!stealth.acf.nyu.edu!brnstnd
From: brnstnd@stealth.acf.nyu.edu
Newsgroups: comp.unix.wizards
Subject: Re: Socket problem, please help
Message-ID: <6943:Apr1421:50:1290@stealth.acf.nyu.edu>
Date: 14 Apr 90 21:50:12 GMT
References: <2812@milton.acs.washington.edu>
Reply-To: brnstnd@stealth.acf.nyu.edu (Dan Bernstein)
Distribution: usa
Organization: IR
Lines: 27
X-Relevant-Advertisement: auth 2.0, coming soon to a source group near you

In article <2812@milton.acs.washington.edu> eliot@dodongo.engr.washington.edu (Eliot Lim) writes:
> The program is a file server/client using sockets for transfer.
> The client program prompts the user for a filename, sends it through
> the socket to the server, the server reads the file and sends it back
> through the socket.

auth to the rescue...

foo: #!/bin/sh
     # Look Ma, no passwords!
     (date; echo "$PROTO:$REMOTE") >> fileserver.log
     # security: only allow requests if authenticated and from right source
     if [ x"$PROTO:$REMOTE" = xTCP:eliot@128.19.95.8 ]
     then cat < "`head -1`" # might want to strip out slashes with | tr -d /
     fi

server% attachport -X -p50505 ./foo &
dodongo% authtcp -R server 50505 sh -c 'echo -n Filename:" ";head -1>&6;cat<&6'

The -X on attachport means that the user on the server side isn't
authenticated; the -R on authtcp means not to look for the server's
authentication. For more security in case 50505 might not be free,
-p50505 should be replaced by -1, the port chosen by the system should
be communicated in some other way, and -R/-X should disappear in favor
of client REMOTE tests.

---Dan