Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uwmcsd1!marque!uunet!auspex!guy
From: guy@auspex.UUCP (Guy Harris)
Newsgroups: comp.unix.wizards
Subject: Re: RDUMP - socket permission problem
Keywords: dump bsd network
Message-ID: <328@auspex.UUCP>
Date: 27 Oct 88 20:40:47 GMT
References: <211@chip.UUCP>
Reply-To: guy@auspex.UUCP (Guy Harris)
Organization: Auspex Systems, Santa Clara
Lines: 18

>In my zeal to properly protect files in my UNIX system, I seem to have caused
>/etc/rdump to stop working.  Not only does it fail between systems, it fails
>to work when it is for the local system.  The error message presented is:
>
>	rcmd:socket: Permission denied

Umm, turning off the set-UID bit on "/etc/rdump" (or any other program
distributed with the system) does not count as "properly protecting
files"; you didn't do that, did you?  Programs that use "rcmd" require
root privileges, since the "rcmd" service uses a "privileged port".

>A similar problem happens when I do /etc/ping to another site.  A note here
>is that /etc/ping will work correctly when executed as ROOT.

Sounds like the same problem....

If a system program has the set-UID or set-GID bit set, leave it set
unless you *absolutely positively* know that it shouldn't be set.