Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
RE: [dsdp-tm-dev] RLogin Shell Service

Ah, yes... now I remember :)
rlogin works from java only if the super-user (root) runs the Java program.
For normal users, all you can do is launch the operating system's rlogin executable.
That executable is built with setuid bit so it will run with root privileges.
We've been doing this commercially, so I know it's doable and I don't think there is any other way around it.
On Windows, I'm not quite sure ... the privileged ports below 1024 may be accessible on Windows, you'd need to try it out or google the web if there is a chance for this to work. Otherwise, you need an rlogin.exe on Windows.
BTW, if you write your program to launch the external rlogin exe and communicate through it, this has more advantages: your solution becomes very flexible, since users can replace rlogin.exe by any other exe they like. We've had existing requests to do this for ssh (i.e. use external ssh.exe) because such external ssh programs support more configuration options than internal Java ssh client. There should be a related bug in bugzilla (something about ssh config, I'm sure you find it when running bugzilla search).
Martin Oberhuber, Senior Member of Technical Staff, Wind River
Target Management Project Lead, DSDP PMC Member

From: dsdp-tm-dev-bounces@xxxxxxxxxxx [mailto:dsdp-tm-dev-bounces@xxxxxxxxxxx] On Behalf Of Florian Guillochon
Sent: Samstag, 30. Mai 2009 17:23
To: dsdp-tm-dev@xxxxxxxxxxx
Subject: [dsdp-tm-dev] RLogin Shell Service

Hi everybody,

I'm currently working on an RLogin shell service, adapting the work done for telnet.
I'm facing a major problem : for security reasons, when a user wants to access a remote system, the "source port" for the rlogin command must be in the range 0-1023. As i'm accessing it through Eclipse, this condition is not respected and the authentification failed miserably (" All ports in use or insufficient permssion").
Do I have to modify the Apache Commons Net sources to bypass this restriction (dirty) or is there a another solution ?

Thank you for your attention


Back to the top