commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oberhuber, Martin" <>
Subject RE: RShell:All ports in use or insufficient permssion.
Date Mon, 30 Jun 2008 12:28:14 GMT

it is a restriction by design of rlogin / rsh that the client
port must be in the "restricted ports" area < 1024, which only 
the root user may open.

I assume the reason for this is, that through the rsh 
protocol, if user x has set up a .rhosts file for his
account, then user y could "spoof" the system by making
the remote think he were x.

UNIX systems fix this by making the rsh program run with
"setuid" permissions, that is non-root clients can call
the rsh program which then executes with root permissions.

In your concrete situation, I would recommend that you either
call the external rsh binary program from Java (thus inheriting
the root permission via the setuid bit), or you switch to
using a Java SSH client such as JSch.


Martin Oberhuber, Senior Member of Technical Staff, Wind River
Target Management Project Lead, DSDP PMC Member

> -----Original Message-----
> From: [] 
> Sent: Friday, June 13, 2008 10:19 AM
> To:
> Subject: RShell:All ports in use or insufficient permssion.
> Hi,
> I want to invoke a command in a remote machine using 
> RSh(remote shell) from my java app, so I'm trying out the 
> examples.rshell class in commons-net-1.4.1.
> The only way it succeeded was running the Java app from 
> linux(as root) to linux, but my app will not be run as root, 
> and I must invoke a command using rsh.
> From the linux shell, it works fine using the rsh command 
> from non-root user to a non-root user in other linux machine. 
> The command is like this one:
>     rsh -l myuser remoteIP "ls -l"
> The question is: Why must it be run as root the 
> examples.rshell class if linux OS allows me to do it as 
> non-root from the command shell? Can I get it not being root 
> in the source machine? 
> As I've seen in the code, it limits itself and throws an exception:
>     if (localPort < MIN_CLIENT_PORT)
>             throw new BindException("All ports in use or 
> insufficient permssion.");
> Thanks!
>       ______________________________________________ 
> Enviado desde Correo Yahoo! La bandeja de entrada más inteligente.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message