Bug 16170

Summary: RFE: enable REMOTEHOST (pam_env)
Product: [Retired] Red Hat Linux Reporter: Michael Redinger <michael.redinger>
Component: rshAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-06-16 16:01:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michael Redinger 2000-08-14 16:32:19 UTC 
It would be nice to see the REMOTEHOST Variable enabled per default (ie. to
see what computer you're coming from):

- uncomment REMOTEHOST in /etc/security/pam_env.conf
add 
auth       required     /lib/security/pam_env.so
to /etc/pam.d/login, /etc/pam.d/rlogin and /etc/pam.d/rsh
just before
auth       required     /lib/security/pam_nologin.so
Comment 1 Nalin Dahyabhai 2000-08-16 22:31:38 UTC 
Reclassifying to the rsh package, which owns in.rshd and in.rlogind's PAM
configuration files.
Comment 2 Phil Knirsch 2001-06-16 15:08:14 UTC 
The /lib/security/pam_env.so has been since RH 7.1, only the REMOTEHOST entry in
/etc/security/pam_env.conf is still missing.

I'll discuss possisble security issues with the folks here and if it is
considered to be safe i'll include it in pam as well. If not i'll let you know
as well.

Read ya, Phil
Comment 3 Michael Redinger 2001-06-16 16:01:33 UTC 
I now tried to make PAM_RUSER and PAM_RHOST actually work, but didn't get it 
right (PAM_RHOST works for rlogin but not for rsh, PAM_RUSER never seems to 
work).
Looking at the r*d code I'd say it can't work ...

Therefore I didn't use PAM to set these variables but did set it in rshd and 
rlogind directly.

See #42880 . Maybe that's the proper solution (I asked on the beta list, but 
there was no answer).


Michael
Comment 4 Phil Knirsch 2001-10-22 13:37:15 UTC 
I've spent some time looking at the problem you described and it is actually the
same as described in #42880, and from what i've seen this is really the only
possible and proper solution, so i'll include the patch resp. a less buffer
overflow prone on in one of the next rsh packages.

Read ya, Phil

*** This bug has been marked as a duplicate of 42880 ***