Date: Fri, 18 Jul 1997 14:29:57 -0400 (EDT) From: Joe Traister <traister@mojozone.org> To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: bin/4116: kerberized login as <user>.root fails Message-ID: <199707181829.OAA00561@manta.mojozone.org> Resent-Message-ID: <199707181840.LAA08918@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 4116 >Category: bin >Synopsis: Kerberized login as <user>.root fails to become root >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Jul 18 11:40:03 PDT 1997 >Last-Modified: >Originator: Joe Traister >Organization: None >Release: FreeBSD 2.2.2-RELEASE i386 >Environment: Kerberos installed, configured and running. >Description: When logging in as <user>.root principle, the login is subjected to the same tty tests as root, allowed to login when /etc/nologin exists, the kerberos ticket file is created as /tmp/tkt_root_<uid>, and a root login is syslog'ed, but you don't become root. This is a problem only when LOGIN_CAP is defined during compile. The non-LOGIN_CAP code does everything as the user and then does the final setuid() to 0 if it's a root login, but the LOGIN_CAP code simply does a setusercontext() to the user. This is fixed very simply by including a check for rootlogin and passing setuserconext a 0 uid instead of the user's uid. >How-To-Repeat: login as a <user>.root principle on a kerberized box. >Fix: change if (setusercontext(lc, pwd, pwd->pw_uid, LOGIN_SETALL) != 0 { to if (setusercontext(lc, pwd, rootlogin ? 0 : pwd->pw_uid, LOGIN_SETALL) != 0 { in login.c in the main() function. >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707181829.OAA00561>