The patch below fixes a problem that allows any user with the correct knowledge to gain root access. This problem is present in Rdist version 6 releases, up until version 6.1beta.2, in which the backwards compatibility code for the old Rdist is enabled. Specifically, the bug exists in versions 6.0.X, 6.1beta.0, and 6.1beta.1. The bug does not exist in the rdist distributed with 4.2 or 4.3BSD. The bug is fixed in 6.1beta.2 and in version 6.1.X (when released).

The patch below should work on all versions of Rdist in which the problem exists, though the line numbers will vary.

My sincere apologies if you were hit by this. If it's any consolation, I discovered this bug when my site was cracked with this one.

Michael A. Cooper
Manager of Systems Administration
University Computing Services
University of Southern California
E-MAIL: mcooper@usc.edu
PHONE (VOICE): 213-740-2957
PHONE (FAX): 213-740-9312

*** /tmp/T0a006SU Wed Jul 28 18:15:28 1993 --- /tmp/T1a006SU Wed Jul 28 18:15:28 1993 *************** *** 102,108 **** message(MT_SYSLOG, "Old rdist (-Server) requested; running %s", _PATH_OLDRDIST); ! (void) execv(_PATH_OLDRDIST, argv); fatal("Exec old rdist failed: %s: %s.", _PATH_OLDRDIST, SYSERR); #else /* !_PATH_OLDRDIST */ --- 102,108 ---- message(MT_SYSLOG, "Old rdist (-Server) requested; running %s", _PATH_OLDRDIST); ! (void) execl(_PATH_OLDRDIST, "-Server", (char *)NULL);  fatal("Exec old rdist failed: %s: %s.", _PATH_OLDRDIST, SYSERR); #else /* !_PATH_OLDRDIST */
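Review bot: In the new line `(void) execl(_PATH_OLDRDIST, "-Server", (char *)NULL);` the string "-Server" is the first argument after the path, so it is delivered to the old rdist as argv[0] and the program receives no argv[1] at all. If the old binary parses its options starting at argv[1], it will not see -Server and will not enter server mode. Consider passing a program name as argv[0] followed by "-Server" as a separate argument, and confirm against the old rdist's option loop which position it expects. It would also help to add a short comment at this call stating that the caller's argv is deliberately no longer forwarded and that only a fixed argument list is handed to _PATH_OLDRDIST, so a later cleanup does not restore the execv(_PATH_OLDRDIST, argv) form. The surrounding message() and fatal() lines are unchanged and look fine.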