Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!mit-eddie!bloom-beacon!athena.mit.edu!jik
From: jik@athena.mit.edu (Jonathan I. Kamens)
Newsgroups: comp.unix.internals
Subject: Re: SunOS and shared libraries, security aspects
Message-ID: <1990Sep4.235353.18586@athena.mit.edu>
Date: 4 Sep 90 23:53:53 GMT
References: <4009@auspex.auspex.com> <13340@hydra.gatech.EDU>
Sender: daemon@athena.mit.edu (Mr Background)
Reply-To: jik@athena.mit.edu (Jonathan I. Kamens)
Distribution: usa
Organization: Massachusetts Institute of Technology
Lines: 16

In article <13340@hydra.gatech.EDU>, gt0178a@prism.gatech.EDU (BURNS,JIM) writes:
|> Thanx, but I'm still a little confused - somehow, when you login to the
|> remote host, it has to set your uid. If rshd and rlogind don't use
|> setuid(3) (can't, if they aren't set-uid) to set your privileges, what
|> does?

  They don't have to be setuid to use setuid(3).  They have to run as root.

  If they are run by inetd, for example, they can be run as root even if they
are not setuid root, since inetd runs as root.

-- 
Jonathan Kamens			              USnail:
MIT Project Athena				11 Ashford Terrace
jik@Athena.MIT.EDU				Allston, MA  02134
Office: 617-253-8495			      Home: 617-782-0710