Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!uwm.edu!rpi!uupsi!sunic!nuug!ifi!barsoom!tih
From: tih@barsoom.nhh.no (Tom Ivar Helbekkmo)
Newsgroups: comp.unix.i386
Subject: SCO Unix inetd.conf trouble -- please help!
Summary: Login authentication trouble under SCO
Keywords: SCO,inetd,setuid
Message-ID: <900@barsoom.nhh.no>
Date: 3 Jun 90 11:31:57 GMT
Distribution: comp
Organization: Norwegian School of Economics
Lines: 27

I've got a pretty annoying problem with SCO TCP/IP 1.1.0 under SCO
Unix V/386 3.2.0 here...  There's a known bug in the TCP/IP support
stuff that makes a process started from an rc script run without
"login authentication".  This means that the process won't be able to
run any setuid/setgid programs, because the system doesn't trust it or
something.  The workaround is that you explicitly say "su root -c
command" to run the daemon in question.

OK, so I installed NNTP support.  Now, nntpd has to run rnews, which
is setuid news.  No go, of course, so I tried running inetd with an
explicit su root.  (The same thing is achieved when you kill the
existing inetd process, and restart it while logged in as root.)  Ah,
it worked!  Great!  But of course, a few other things failed...  :-(
After this change, I can't telnet or ftp into the system, because it
won't accept the login information.  This is probably some hack in the
code that's supposed to keep you from accidentally giving users root
privs when telnetting or ftping into the box.

So, what can I do?  Has anyone else had this problem, and found a way
to work it out?  I guess the thing to do is to get hold of PD versions
of telnetd and ftpd and use those -- at least I don't expect SCO to do
anything about it...  :-(

-tih
-- 
Tom Ivar Helbekkmo, NHH, Bergen, Norway.  Telephone: +47-5-959205
tih@barsoom.nhh.no, thelbekk@norunit.bitnet, edb_tom@debet.nhh.no