This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
possibility of a security hole. It now does what rdist-6 does, and calls
/usr/bin/rsh if not running as root. There are NO protocol changes, this
is 100% compatable with the old rdist, except that it does not need setuid
root privs.
However, there are some minor differences to the base rdist-6 code in that
if it is being run by root, it will call rcmd(3) directly rather than
piping everything through rsh(1). This is a little more efficient as it
doesn't involve context switching on pipe reads/writes.
Also, the -P option was added from rdist-6.1.2, which allows an alternative
rsh program to be specified, such as ssh. Note that it requires the fixes
to the ssh port to disable the unconditional USE_PIPES option that was
recently added. The rcmd(3) optimisation is disabled if a non-rsh program
is speficied.
Obtained from: Christos Zoulas <christos@deshaw.com> via NetBSD PR 2621,
[ slightly modified since we don't use libcompat anymore. ]
I'm not sure if this fixes the rdist security bug completely, but it
sure can't hurt!
Jordan K. Hubbard
Peter Wemm
Eivind Eklund
Bruce Evans
Nate Williams
Rodney W. Grimes
Garrett Wollman