commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oberhuber, Martin" <Martin.Oberhu...@windriver.com>
Subject RE: RShell:All ports in use or insufficient permssion.
Date Mon, 30 Jun 2008 12:28:14 GMT
Hi,

it is a restriction by design of rlogin / rsh that the client
port must be in the "restricted ports" area < 1024, which only 
the root user may open.

I assume the reason for this is, that through the rsh 
protocol, if user x has set up a .rhosts file for his
account, then user y could "spoof" the system by making
the remote think he were x.

UNIX systems fix this by making the rsh program run with
"setuid" permissions, that is non-root clients can call
the rsh program which then executes with root permissions.

In your concrete situation, I would recommend that you either
call the external rsh binary program from Java (thus inheriting
the root permission via the setuid bit), or you switch to
using a Java SSH client such as JSch.

References:
http://en.wikipedia.org/wiki/Remote_Shell
http://en.wikipedia.org/wiki/Rlogin
http://tools.ietf.org/html/rfc1282
http://www.jcraft.com/jsch/index.html

Cheers,
--
Martin Oberhuber, Senior Member of Technical Staff, Wind River
Target Management Project Lead, DSDP PMC Member
http://www.eclipse.org/dsdp/tm
 
 

> -----Original Message-----
> From: pedritop2000-ora@yahoo.es [mailto:pedritop2000-ora@yahoo.es] 
> Sent: Friday, June 13, 2008 10:19 AM
> To: dev@commons.apache.org
> Subject: RShell:All ports in use or insufficient permssion.
> 
> Hi,
> 
> I want to invoke a command in a remote machine using 
> RSh(remote shell) from my java app, so I'm trying out the 
> examples.rshell class in commons-net-1.4.1.
> The only way it succeeded was running the Java app from 
> linux(as root) to linux, but my app will not be run as root, 
> and I must invoke a command using rsh.
> From the linux shell, it works fine using the rsh command 
> from non-root user to a non-root user in other linux machine. 
> The command is like this one:
>     rsh -l myuser remoteIP "ls -l"
> 
> The question is: Why must it be run as root the 
> examples.rshell class if linux OS allows me to do it as 
> non-root from the command shell? Can I get it not being root 
> in the source machine? 
> 
> As I've seen in the code, it limits itself and throws an exception:
>     if (localPort < MIN_CLIENT_PORT)
>             throw new BindException("All ports in use or 
> insufficient permssion.");
> 
> Thanks!
> 
> 
> 
>       ______________________________________________ 
> Enviado desde Correo Yahoo! La bandeja de entrada más inteligente.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
> For additional commands, e-mail: dev-help@commons.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org


Mime
View raw message