rrshd differs from rshd in that it ignores the remote user's alleged identity and credentials, and unconditionally runs local tasks as a specific unprivileged user ("nobody" or similar). It will only allow execution of programs listed in a configuration file (/etc/rrsh.allow), and will exec those programs directly without using an intermediary shell of any kind. It also has TCP wrapper support. These modifications make it a good deal more secure than traditional rshd.
|Operating Systems||POSIX Linux|
Release Notes: /etc/rrsh.allow is read before dropping privileges (so that the file may be readable only by root).
Release Notes: Support for SHELL, PATH, and HOME overrides, and optional setting of a fixed DISPLAY value.
No changes have been submitted for this release.