diff --git a/libexec/rexecd/rexecd.8 b/libexec/rexecd/rexecd.8 index 4c8626852df2..b29f38eb49a6 100644 --- a/libexec/rexecd/rexecd.8 +++ b/libexec/rexecd/rexecd.8 @@ -39,7 +39,7 @@ .Nm rexecd .Nd remote execution server .Sh SYNOPSIS -.Nm rexecd +.Nm rexecd [-i] .Sh DESCRIPTION .Nm Rexecd is the server for the @@ -99,9 +99,11 @@ by .El .Sh CAVEATS .Nm Rexecd -will no longer allow root logins, access for users listed in +will not allow root logins unless the -i option is given on +the command line (typically in inetd.conf). It will also +disallow access for users listed in .Pa /etc/ftpusers , -or access for users with no passwords, which were all serious security holes. +or users with no passwords, which were all serious security holes. The entire concept of rexec/rexecd is a major security hole and an example of how not to do things. .Nm Rexecd diff --git a/libexec/rexecd/rexecd.c b/libexec/rexecd/rexecd.c index 10c2f2be98c6..bd8876cbaadd 100644 --- a/libexec/rexecd/rexecd.c +++ b/libexec/rexecd/rexecd.c @@ -82,6 +82,8 @@ void getstr __P((char *, int, char *)); /*VARARGS1*/ void error __P(()); +int no_uid_0 = 1; + /* * remote execute server: * username\0 @@ -99,6 +101,9 @@ main(argc, argv) int fromlen; struct hostent *hp; + if (argc == 2 && !strcmp(argv[1], "-i")) + no_uid_0 = 0; + openlog(argv[0], LOG_PID, LOG_AUTH); fromlen = sizeof (from); if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) @@ -191,7 +196,7 @@ doit(f, fromp) } } - if (pwd->pw_uid == 0 || *pwd->pw_passwd == '\0' || + if ((pwd->pw_uid == 0 && no_uid_0) || *pwd->pw_passwd == '\0' || (pwd->pw_expire && time(NULL) >= pwd->pw_expire)) { syslog(LOG_ERR, "%s LOGIN REFUSED from %s", user, remote); error("Login incorrect.\n");