bugs in 1.4.0

[Chris Ulherr]

Problem: (using Linux as a server) When files from a remote host are
rcp'd to the server, if they do not exist, they are created with
owner=root. They should, however, have the owner set to the user you are
coming in as. For example, if I do a 'address@hidden:~$ rcp file.txt
address@hidden:~/'
The file 'file.txt` should be created on the machine gibbins, in user
peter's home directory, *and be owned by peter*, not root.

The problem lies in rshd.c (line 864)
seteuid ((uid_t)pwd->pw_uid);

Immediately after this a
setuid ((uid_t)pwd->pw_uid);
is done.

The functionality of setuid (in the latest linux kernel releases
anyway) is to change the real, effective and saved user id bits *if the
effective user id is that of the superuser*.
However, just before the call to setuid, the effective userid is changed
to a a non-superuser user (unless you rsh in as root). Therefore the
subsequent call to setuid fails. The userid is left as the owner of the
process (usually root). When execl is called (line 892) it has uid=0 and
this subsequently leads to files that are created being owned by root.


To fix this, you can simply comment out line 864
/* seteuid ((uid_t)pwd->pw_uid); */





Another smaller issue:
In rcp.c, the 'OPTIONS' string does not contain a 'V`. Therefore one
cannot see version information by doing 'rcp -V', only 'rcp --version'.
However, 'rcp --help' states I should be able to do both.



Thanks,

Chris Ulherr