Bug 9540

Summary: identd runs as root, not 'nobody'
Product: [Retired] Red Hat Linux Reporter: wingc
Component: netkit-baseAssignee: Jeff Johnson <jbj>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2CC: alan
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://www.engin.umich.edu/caen/systems/Linux/code/patches/pidentd-3.0.10-security.patch
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-21 16:02:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description wingc 2000-02-18 01:13:55 UTC 
The file /etc/inetd.conf erroneously runs the identd daemon as root. This
is unnecessary and should be changed to 'nobody':

auth	stream	tcp	wait	nobody	/usr/sbin/in.identd in.identd -e -o


Thanks,

Chris Wing
wingc.edu
Comment 1 Alan Cox 2000-02-18 11:18:59 UTC 
Verified. Identd is now supposed to start off
/etc/rc.d/init.d/identd . This looks like a bug in the code. The
initial thread drops to nobody the others do not.
(Checked by attaching with gdb and doing call geteuid())
Comment 2 wingc 2000-02-18 18:50:59 UTC 
Alan,

See bug #9539 for RH 6.2 beta and bug #9206 for RH 6.1.

I've already fixed this:

http://www.engin.umich.edu/caen/systems/Linux/code/patches/pidentd-3.0.10-security.patch


Thanks,

Chris Wing
wingc.edu
Comment 3 Bill Nottingham 2000-02-21 16:02:59 UTC 
*** This bug has been marked as a duplicate of 9206 ***