Bug 16170 - RFE: enable REMOTEHOST (pam_env)
RFE: enable REMOTEHOST (pam_env)
Status: CLOSED DUPLICATE of bug 42880
Product: Red Hat Linux
Classification: Retired
Component: rsh (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-08-14 12:32 EDT by Michael Redinger
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-06-16 12:01:40 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Michael Redinger 2000-08-14 12:32:19 EDT
It would be nice to see the REMOTEHOST Variable enabled per default (ie. to
see what computer you're coming from):

- uncomment REMOTEHOST in /etc/security/pam_env.conf
add 
auth       required     /lib/security/pam_env.so
to /etc/pam.d/login, /etc/pam.d/rlogin and /etc/pam.d/rsh
just before
auth       required     /lib/security/pam_nologin.so
Comment 1 Nalin Dahyabhai 2000-08-16 18:31:38 EDT
Reclassifying to the rsh package, which owns in.rshd and in.rlogind's PAM
configuration files.
Comment 2 Phil Knirsch 2001-06-16 11:08:14 EDT
The /lib/security/pam_env.so has been since RH 7.1, only the REMOTEHOST entry in
/etc/security/pam_env.conf is still missing.

I'll discuss possisble security issues with the folks here and if it is
considered to be safe i'll include it in pam as well. If not i'll let you know
as well.

Read ya, Phil
Comment 3 Michael Redinger 2001-06-16 12:01:33 EDT
I now tried to make PAM_RUSER and PAM_RHOST actually work, but didn't get it 
right (PAM_RHOST works for rlogin but not for rsh, PAM_RUSER never seems to 
work).
Looking at the r*d code I'd say it can't work ...

Therefore I didn't use PAM to set these variables but did set it in rshd and 
rlogind directly.

See #42880 . Maybe that's the proper solution (I asked on the beta list, but 
there was no answer).


Michael
Comment 4 Phil Knirsch 2001-10-22 09:37:15 EDT
I've spent some time looking at the problem you described and it is actually the
same as described in #42880, and from what i've seen this is really the only
possible and proper solution, so i'll include the patch resp. a less buffer
overflow prone on in one of the next rsh packages.

Read ya, Phil

*** This bug has been marked as a duplicate of 42880 ***

Note You need to log in before you can comment on or make changes to this bug.