Date:      Wed, 30 Oct 1996 14:35:19 -0600 (CST)
From:      john@starfire.mn.org
To:        guido@gvr.win.tue.nl (Guido van Rooij)
Cc:        hackers@FreeBSD.ORG
Subject:   Re: rlogind user name restrictions
Message-ID:  <199610302035.OAA03828@starfire.mn.org>
In-Reply-To: <199610301956.UAA09626@gvr.win.tue.nl> from "Guido van Rooij" at Oct 30, 96 08:56:19 pm

Guido van Rooij wrote:
> 
> john@starfire.mn.org wrote:
> > I understand the restriction on not passing a "username" to login that
> > STARTS with '-', but I do not understand the restriction on it anywhere
> > in the "lusername" string.  Would any BAD THINGS happen if I relaxed
> > the restriction to only check for the first character?
> > 
> > The thing is, we have a user "star-net"...
> 
> Yes you are right.
> This has long been fixed in current.

Great!  Thanks.

> Here is the patch:

Well, I was about to say that it looks exactly like mine, only IT
DOESN'T!  Here's why...

> --- /usr/src/libexec/rlogind/rlogind.c	Sun Jun 23 15:07:44 1996
> +++ /tmp/rlogind.c	Wed Oct 30 20:55:23 1996
> @@ -293,7 +293,7 @@
>  		if (f > 2)	/* f should always be 0, but... */
>  			(void) close(f);
>  		setup_term(0);
> -		if (strchr(lusername, '-')) {
> +		if (lusername == '-') {
                    ^^^^^^^^^
Shouldn't this be "*lusername" or "lusername[0]"?????????

Unless this is simply a typo, the security we once had on this
matter is toast, since that pointer is never going to be equal
to '-'...

Even doing this, has it been checked that there are no throw-away
characters that login might skip over that would make the corrected
test ineffectual?  I'm not that totally familiar with the internal
operation of "getopt" that I could speak authoritatively to this
issue, which is why I didn't submit my diffs in the first place.
That was what I meant by "BAD THINGS".

>  			syslog(LOG_ERR, "tried to pass user \"%s\" to login",
>  			       lusername);
>  			fatal(STDERR_FILENO, "invalid user", 0);
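Review bot: In the added line, "lusername == '-'" compares the pointer itself with the character constant instead of the first character of the string, so the syslog()/fatal() branch that follows is never taken and a name beginning with '-' is no longer rejected. Test the first byte instead, "if (*lusername == '-')" or "if (lusername[0] == '-')"; with either form an empty name compares '\0' against '-' and is passed on as before.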

		 John Lind, Starfire Consulting Services
E-mail: john@starfire.MN.ORG	    USnail: PO Box 17247, Mpls MN  55417
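
The question above about characters that getopt might skip can be checked against getopt(3) directly. This is an added example, not code from rlogind, login or either poster; the option string "ph:", the argument vector and the sample names are assumptions, and it covers only getopt's own parsing, not anything the receiving program does with the name afterwards.

```c
#include <stdio.h>
#include <getopt.h>   /* declares getopt(), optind, opterr */

/* Assumed option string for the receiving program; not login's real one. */
static const char OPTS[] = "ph:";

/* The test as the reply says it should read: first character only. */
int name_ok(const char *name)
{
    return name[0] != '-';
}

/* 1 if getopt(3) consumes `name` as an option, 0 if it is left as an operand. */
int parsed_as_option(const char *name)
{
    char a0[] = "login", a1[] = "-p", a2[] = "-h", a3[] = "host";
    char user[64];
    char *argv[] = { a0, a1, a2, a3, user, NULL };

    snprintf(user, sizeof user, "%s", name);
    opterr = 0;                 /* no diagnostics on stderr */
    optind = 1;                 /* restart the scan for each call */
    while (getopt(5, argv, OPTS) != -1)
        ;
    return optind > 4;          /* argv[4] is the user name */
}

/* Constructed sample names, including leading "throw-away" characters. */
static const char *SAMPLES[] = { "star-net", "a-", " -p", "\t-p", "", "-p", "-x", "-hfoo" };

/* Number of samples that pass name_ok() yet are still parsed as an option. */
int bypass_count(void)
{
    int n = 0;
    for (size_t i = 0; i < sizeof SAMPLES / sizeof SAMPLES[0]; i++)
        if (name_ok(SAMPLES[i]) && parsed_as_option(SAMPLES[i]))
            n++;
    return n;
}

int main(void)
{
    for (size_t i = 0; i < sizeof SAMPLES / sizeof SAMPLES[0]; i++)
        printf("%-10s ok=%d option=%d\n", SAMPLES[i], name_ok(SAMPLES[i]), parsed_as_option(SAMPLES[i]));
    printf("bypasses: %d\n", bypass_count());
    return 0;
}
```

getopt does not skip leading blanks or tabs, so an argument is treated as an option only when its first byte is '-'.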


