1 | /* |
---|
2 | * Front end to the ULTRIX miscd service. The front end logs the remote host |
---|
3 | * name and then invokes the real miscd daemon. Install as "/usr/etc/miscd", |
---|
4 | * after renaming the real miscd daemon to the name defined with the |
---|
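5 | * REAL_MISCD macro. (Reviewer note: this file never references REAL_MISCD; main() executes the path built from REAL_DAEMON_DIR followed by "/miscd", so the real daemon has to be installed under that directory with the name miscd.) |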
---|
6 | * |
---|
7 | * Connections and diagnostics are logged through syslog(3). |
---|
8 | * |
---|
9 | * The Ultrix miscd program implements (among others) the systat service, which |
---|
10 | * pipes the output from who(1) to stdout. This information is potentially |
---|
11 | * useful to systems crackers. |
---|
12 | * |
---|
13 | * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. |
---|
14 | */ |
---|
15 | |
---|
16 | #ifndef lint |
---|
17 | static char sccsid[] = "@(#) miscd.c 1.10 96/02/11 17:01:30"; |
---|
18 | #endif |
---|
19 | |
---|
20 | /* System libraries. */ |
---|
21 | |
---|
22 | #include <sys/types.h> |
---|
23 | #include <sys/param.h> |
---|
24 | #include <sys/stat.h> |
---|
25 | #include <sys/socket.h> |
---|
26 | #include <netinet/in.h> |
---|
27 | #include <stdio.h> |
---|
28 | #include <syslog.h> |
---|
29 | |
---|
30 | #ifndef MAXPATHNAMELEN |
---|
31 | #define MAXPATHNAMELEN BUFSIZ |
---|
32 | #endif |
---|
33 | |
---|
34 | #ifndef STDIN_FILENO |
---|
35 | #define STDIN_FILENO 0 |
---|
36 | #endif |
---|
37 | |
---|
38 | /* Local stuff. */ |
---|
39 | |
---|
40 | #include "patchlevel.h" |
---|
41 | #include "tcpd.h" |
---|
42 | |
---|
43 | int allow_severity = SEVERITY; /* syslog priority main() uses for the "connect from" record; run-time adjustable */ |
---|
44 | int deny_severity = LOG_WARNING; /* not referenced in this file; presumably the priority for refused connections (confirm in refuse()); run-time adjustable */ |
---|
45 | |
---|
/*
 * main - access-control and logging front end for the real miscd.
 *
 * The connection is described to the wrapper library as the file on
 * standard input (RQ_FILE, STDIN_FILENO) and the service is identified by
 * argv[0] (RQ_DAEMON).  The optional checks below run in a fixed order;
 * only when none of them refuses the client is the connection logged and
 * the real daemon executed with the caller's argv, unchanged.
 *
 * NOTE(review): every check depends on refuse() not returning.  If it
 * ever returned, control would fall through to the execv() at the end.
 * Confirm against the library source.
 */
main(argc, argv)
int     argc;
char  **argv;
{
    struct request_info req;
    char    real_daemon[MAXPATHNAMELEN];

    /* Tighten the file creation mask when the build supplies one. */
#ifdef DAEMON_UMASK
    umask(DAEMON_UMASK);
#endif

    /*
     * Connect to syslog before anything can fail.  LOG_MAIL serves as the
     * test for the newer three-argument openlog(); older versions take
     * only the ident and the option flags.
     */
#ifdef LOG_MAIL
    (void) openlog(argv[0], LOG_PID, FACILITY);
#else
    (void) openlog(argv[0], LOG_PID);
#endif

    /*
     * Record who is at both ends of the connection.  Host name lookups
     * and double checks are deferred until something asks for them.
     */
    request_init(&req, RQ_DAEMON, argv[0], RQ_FILE, STDIN_FILENO, 0);
    fromhost(&req);

    /*
     * With PARANOID, look up and double check the client host name now
     * and refuse hosts that claim someone else's host name.
     */
#ifdef PARANOID
    if (STR_EQ(eval_hostname(req.client), paranoid)) {
        refuse(&req);
    }
#endif

    /*
     * With KILL_IP_OPTIONS, deal with IP-level socket options the way the
     * post-4.3BSD rlogin and rsh daemons do.  Per the original author
     * this cannot be enabled on SunOS 4.1.x, where getsockopt() can panic
     * the system.
     */
#ifdef KILL_IP_OPTIONS
    fix_options(&req);
#endif

    /*
     * With HOSTS_ACCESS, consult the access-control tables for the
     * service named by argv[0].  The access-control code may run shell
     * commands listed in those tables, so whoever can edit the tables
     * can run commands with this process's privileges.
     */
#ifdef HOSTS_ACCESS
    if (!hosts_access(&req)) {
        refuse(&req);
    }
#endif

    /*
     * Build the path of the real daemon.  sprintf() does not bound the
     * write: this is safe only while REAL_DAEMON_DIR plus "/miscd" and
     * the terminator fit in MAXPATHNAMELEN bytes.  REAL_DAEMON_DIR is not
     * defined in this file; it is assumed to be a build-time constant,
     * not run-time input -- confirm in the build configuration.
     */
    sprintf(real_daemon, "%s/miscd", REAL_DAEMON_DIR);

    /*
     * Log the accepted connection.  The format string is a literal; the
     * client string may derive from a remotely supplied host name, so log
     * consumers should treat it as untrusted text.
     */
    syslog(allow_severity, "connect from %s", eval_client(&req));

    /*
     * Close the log channel before handing over to the real daemon
     * (presumably so the descriptor is not inherited across execv()).
     */
    closelog();
    (void) execv(real_daemon, argv);

    /*
     * Reached only when execv() failed.  This syslog() call comes after
     * closelog(), so it relies on the library reopening the log
     * implicitly.
     */
    syslog(LOG_ERR, "error: cannot execute %s: %m", real_daemon);
    clean_exit(&req);
    /* NOTREACHED */
}
---|