Commit Graph

5 Commits

Author SHA1 Message Date
Paul Traina
a13e275f66 Back out recent security patch for rexecd. After more careful analysis,
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.

Yes, an attacker can "relay" connections using this trick,  but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
1996-11-22 08:59:07 +00:00
Paul Traina
6c6cc60e38 Do not attempt to open reverse channel until authentication phase has
succeeded.

Never allow the reverse channel to be to a privileged port.

Cannidate for:	2.1 and 2.2 branches

Reviewed by:	pst (with local cleanups)
Submitted by:	Cy Shubert <cy@cwsys.cwent.com>
Obtained from:	Jaeger <jaeger@dhp.com> via BUGTRAQ
1996-11-19 18:03:16 +00:00
Wolfram Schneider
148531ef1e add forgotten $Id$ 1996-09-22 21:56:57 +00:00
Paul Traina
cda3118c2e Tighen up rexecd(8) security (see manual page for details).
Rexecd is a crock, it never should have been written,  however make it so
that people who have a need to run it don't hurt themselves so badly.

Obtained from: Ideas obtained from logdaemon 4.3 from Wietse Venema
1994-09-29 09:23:58 +00:00
Rodney W. Grimes
ea022d1687 BSD 4.4 Lite Libexec Sources 1994-05-27 12:39:25 +00:00