Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2.fluke 9/24/84; site vax4.fluke.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxt!houxm!vax135!cornell!uw-beaver!fluke!norm
From: norm@fluke.UUCP (Norm Seethoff)
Newsgroups: net.bugs.4bsd
Subject: Short summary of the problem
Message-ID: <2841@vax4.fluke.UUCP>
Date: Fri, 25-Oct-85 10:43:11 EDT
Article-I.D.: vax4.2841
Posted: Fri Oct 25 10:43:11 1985
Date-Received: Sat, 26-Oct-85 08:09:15 EDT
Organization: John Fluke Mfg. Co., Inc., Everett, WA
Lines: 29

Index:	etc/rshd.c 4.2BSD [+FIX]

Description:
	rshd does not establish the same umask as login.  Files created
	via commands executed by rshd on behalf of a remote client have
	world write permission.

Repeat-By:
	execute:
		rsh remotesystem umask
	and find that the result is consistently returned as 0.
	or:
		rsh remotesystem touch /tmp/foo
	and find that the mode of /tmp/foo is -rw-rw-rw-

Fix:
	Add a umask call to rshd in the vicinity of line 270 as
	in the following code fragment:

		environ = envinit;
		strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
		strncat(shell, pwd->pw_shell, sizeof(shell)-7);
		strncat(username, pwd->pw_name, sizeof(username)-6);
		umask(022);     /* set same default umask as in login */


Norm Seethoff
John Fluke Mfg. Co., Inc.
{decvax!microso | uw-beaver | allegra | lbl-csam}!fluke!norm