commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <>
Subject [jira] Commented: (NET-238) RCommandClient wrongly attempts to use local socket with priviledged port (specifically >511 && <1024)
Date Tue, 04 Nov 2008 20:28:46 GMT


Sebb commented on NET-238:

The Javadoc for the class includes the following:

The only additional measure for establishing trust is that all client connections must originate
from a port between 512 and 1023. Consequently, there is an upper limit to the number of rcmd
connections that can be running simultaneously. The required ports are reserved ports on Unix
systems, and can only be bound by a process running with root permissions (to accomplish this
rsh, rlogin, and related commands usualy have the suid bit set). Therefore, on a Unix system,
you will only be able to successfully use the RCommandClient class if the process runs as
root. However, there is no such restriction on Windows95 and some other systems.

> RCommandClient wrongly attempts to use local socket with priviledged port (specifically
>511 && <1024)
> ------------------------------------------------------------------------------------------------------
>                 Key: NET-238
>                 URL:
>             Project: Commons Net
>          Issue Type: Bug
>    Affects Versions: 2.0
>         Environment: Linux x86_64, Eclipse 3.4, commons-net-2.0
>            Reporter: jieryn
> I see a few instances of this around:
>         int localPort;
>         localPort = MAX_CLIENT_PORT;
>         for (localPort = MAX_CLIENT_PORT; localPort >= MIN_CLIENT_PORT; --localPort)
>         {
>             try
>             {
>                 _socket_ =
>                     _socketFactory_.createSocket(host, port, localAddr, localPort);
>             }
>             catch (SocketException e)
>             {
>                 continue;
>             }
>             break;
>         }
>         if (localPort < MIN_CLIENT_PORT)
>             throw new BindException("All ports in use or insufficient permssion.");
> Yet, this seems to be an error. I can manually issue the rlogin command on my shell and
everything just works. After doing it directly from my shell, a netstat -a reveals that I'm
using an unpriviledged port on my client side.... why is RCommandClient attempting to use
a priviledged port??

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message