authornsayer <nsayer@FreeBSD.org>2000-05-13 15:58:36 +0000
committernsayer <nsayer@FreeBSD.org>2000-05-13 15:58:36 +0000
commitd83d7a65287240c9ca20b25c8e8c89fb48fe9b43 (patch)
treefe8c66b669c0f1d22631027b5629e5e6cc30b1b6 /libexec
parent714d84ab03c8c8383adeeb9f52034dada073bd3b (diff)
Add -i (insecure) flag to rexecd, which allows uid == 0 logins
(presuming that the user in question is not in /etc/ftpusers and does not have a null password).
Diffstat (limited to 'libexec')
-rw-r--r--libexec/rexecd/rexecd.88
-rw-r--r--libexec/rexecd/rexecd.c7
2 files changed, 11 insertions, 4 deletions
diff --git a/libexec/rexecd/rexecd.8 b/libexec/rexecd/rexecd.8
index 4c86268..b29f38e 100644
--- a/libexec/rexecd/rexecd.8
+++ b/libexec/rexecd/rexecd.8
@@ -39,7 +39,7 @@
.Nm rexecd
.Nd remote execution server
.Sh SYNOPSIS
-.Nm rexecd
+.Nm rexecd [-i]
.Sh DESCRIPTION
.Nm Rexecd
is the server for the
@@ -99,9 +99,11 @@ by
.El
.Sh CAVEATS
.Nm Rexecd
-will no longer allow root logins, access for users listed in
+will not allow root logins unless the -i option is given on
+the command line (typically in inetd.conf). It will also
+disallow access for users listed in
.Pa /etc/ftpusers ,
-or access for users with no passwords, which were all serious security holes.
+or users with no passwords, which were all serious security holes.
The entire concept of rexec/rexecd is a major security hole and an example
of how not to do things.
.Nm Rexecd
diff --git a/libexec/rexecd/rexecd.c b/libexec/rexecd/rexecd.c
index 10c2f2b..bd8876c 100644
--- a/libexec/rexecd/rexecd.c
+++ b/libexec/rexecd/rexecd.c
@@ -82,6 +82,8 @@ void getstr __P((char *, int, char *));
/*VARARGS1*/
void error __P(());
+int no_uid_0 = 1;
+
/*
* remote execute server:
* username\0
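Review bot: `no_uid_0` is added as an uncommented global with external linkage, although it is the switch that decides whether uid 0 may log in. Within this diff it is only written in `main()` and read in `doit()`, so `static int no_uid_0 = 1;	/* refuse uid 0 logins unless -i is given */` would keep it file-local and record the secure default. The negated name also makes the later test `pwd->pw_uid == 0 && no_uid_0` harder to read than a positively named flag would.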
@@ -99,6 +101,9 @@ main(argc, argv)
int fromlen;
struct hostent *hp;
+ if (argc == 2 && !strcmp(argv[1], "-i"))
+ no_uid_0 = 0;
+
openlog(argv[0], LOG_PID, LOG_AUTH);
fromlen = sizeof (from);
if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0)
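Review bot: The added test accepts `-i` only when it is the sole argument, and every other command line (a typo such as `-I`, or `-i` followed by anything else) is ignored without a diagnostic. That fails closed, which is the right default, but an administrator editing inetd.conf gets no signal that the option did not take effect. Because the check runs before `openlog()`, nothing can be logged from it as written; moving it below `openlog()` and adding `else if (argc > 1) syslog(LOG_WARNING, "unrecognized arguments ignored, root logins remain disabled");` would cover that. The body of `main()` continues outside the hunk.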
@@ -191,7 +196,7 @@ doit(f, fromp)
}
}
- if (pwd->pw_uid == 0 || *pwd->pw_passwd == '\0' ||
+ if ((pwd->pw_uid == 0 && no_uid_0) || *pwd->pw_passwd == '\0' ||
(pwd->pw_expire && time(NULL) >= pwd->pw_expire)) {
syslog(LOG_ERR, "%s LOGIN REFUSED from %s", user, remote);
error("Login incorrect.\n");
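Review bot: Once `-i` relaxes the `pwd->pw_uid == 0` test, an accepted root login leaves no audit record in the visible code; only refusals reach syslog here. Since the manual page in the same commit calls rexec itself a security hole, an accepted uid 0 session is worth a log line, e.g. `if (pwd->pw_uid == 0) syslog(LOG_NOTICE, "ROOT LOGIN as %s from %s", user, remote);` placed where `doit()` continues after this check. That point lies outside the hunk, so whether something already logs it cannot be seen from here. The refusal message also does not say which of the three conditions fired, so a rejected root attempt is indistinguishable from an expired account in the log.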