more updates

SCCS-vsn: libexec/rshd/rshd.8 6.3
SCCS-vsn: libexec/rlogind/rlogind.8 6.3

diff --git a/usr/src/libexec/rlogind/rlogind.8 b/usr/src/libexec/rlogind/rlogind.8
index 33864c2..ef23f3a 100644 (file)
--- a/usr/src/libexec/rlogind/rlogind.8
+++ b/usr/src/libexec/rlogind/rlogind.8
@@ -2,7 +2,7 @@
 .\" All rights reserved.  The Berkeley software License Agreement
 .\" specifies the terms and conditions for redistribution.
 .\"
 .\" All rights reserved.  The Berkeley software License Agreement
 .\" specifies the terms and conditions for redistribution.
 .\"

-.\"    @(#)rlogind.8   6.2 (Berkeley) %G%
+.\"    @(#)rlogind.8   6.3 (Berkeley) %G%

 .\"
 .TH RLOGIND 8C ""
 .UC 5
 .\"
 .TH RLOGIND 8C ""
 .UC 5


@@ -31,13 +31,13 @@ The server checks the client's source port.
 If the port is not in the range 0-1023, the server
 aborts the connection.
 .IP 2)
 If the port is not in the range 0-1023, the server
 aborts the connection.
 .IP 2)

-The server checks the client's source address.
-If the address is associated with a host for which no
-corresponding entry exists in the host name data base (see
+The server checks the client's source address
+and requests the corresponding host name (see

 .IR gethostbyaddr (3N),
 .IR hosts (5)
 and
 .IR gethostbyaddr (3N),
 .IR hosts (5)
 and

-.IR named (8)),
+.IR named (8)).
+If the hostname cannot be determined,

 the dot-notation representation of the host address is used.
 .PP
 Once the source port and address have been checked, 
 the dot-notation representation of the host address is used.
 .PP
 Once the source port and address have been checked, 


@@ -98,3 +98,5 @@ insecure, but is useful in an ``open'' environment.
 .PP
 A facility to allow all data exchanges to be encrypted should be
 present.
 .PP
 A facility to allow all data exchanges to be encrypted should be
 present.

+.PP
+A more extensible protocol should be used.

diff --git a/usr/src/libexec/rshd/rshd.8 b/usr/src/libexec/rshd/rshd.8
index fa712a7..793915b 100644 (file)
--- a/usr/src/libexec/rshd/rshd.8
+++ b/usr/src/libexec/rshd/rshd.8
@@ -2,7 +2,7 @@
 .\" All rights reserved.  The Berkeley software License Agreement
 .\" specifies the terms and conditions for redistribution.
 .\"
 .\" All rights reserved.  The Berkeley software License Agreement
 .\" specifies the terms and conditions for redistribution.
 .\"

-.\"    @(#)rshd.8      6.2 (Berkeley) %G%
+.\"    @(#)rshd.8      6.3 (Berkeley) %G%

 .\"
 .TH RSHD 8C ""
 .UC 5
 .\"
 .TH RSHD 8C ""
 .UC 5


@@ -17,7 +17,7 @@ is the server for the
 routine and, consequently, for the
 .IR rsh (1C)
 program.  The server provides remote execution facilities
 routine and, consequently, for the
 .IR rsh (1C)
 program.  The server provides remote execution facilities

-with authentication based on privileged port numbers.
+with authentication based on privileged port numbers from trusted hosts.

 .PP
 .I Rshd
 listens for service requests at the port indicated in
 .PP
 .I Rshd
 listens for service requests at the port indicated in


@@ -42,11 +42,14 @@ A second connection is then created to the specified
 port on the client's machine.  The source port of this
 second connection is also in the range 0-1023.
 .IP 4)
 port on the client's machine.  The source port of this
 second connection is also in the range 0-1023.
 .IP 4)

-The server checks the client's source address.
-If the address is associated with a host for which no
-corresponding entry exists in the host name data base (see
-.IR hosts (5)),
-the server aborts the connection.
+The server checks the client's source address
+and requests the corresponding host name (see
+.IR gethostbyaddr (3N),
+.IR hosts (5)
+and
+.IR named (8)).
+If the hostname cannot be determined,
+the dot-notation representation of the host address is used.

 .IP 5)
 A null terminated user name of at most 16 characters
 is retrieved on the initial socket.  This user name
 .IP 5)
 A null terminated user name of at most 16 characters
 is retrieved on the initial socket.  This user name


@@ -67,7 +70,7 @@ the system's argument list.
 .IP 8)
 .I Rshd
 then validates the user according to the following steps.
 .IP 8)
 .I Rshd
 then validates the user according to the following steps.

-The remote user name is looked up in the password file
+The local (server-end) user name is looked up in the password file

 and a
 .I chdir
 is performed to the user's home directory.  If either
 and a
 .I chdir
 is performed to the user's home directory.  If either


@@ -115,11 +118,6 @@ longer than 16 characters.
 The command line passed exceeds the size of the argument
 list (as configured into the system).
 .PP
 The command line passed exceeds the size of the argument
 list (as configured into the system).
 .PP

-.B ``Host name for your address unknown.''
-.br
-No entry in the host name database existed for
-the client's machine.
-.PP

 .B ``Login incorrect.''
 .br
 No password file entry for the user name existed.
 .B ``Login incorrect.''
 .br
 No password file entry for the user name existed.


@@ -162,3 +160,5 @@ insecure, but is useful in an ``open'' environment.
 .PP
 A facility to allow all data exchanges to be encrypted should be
 present.
 .PP
 A facility to allow all data exchanges to be encrypted should be
 present.

+.PP
+A more extensible protocol should be used.