Date: Mon, 6 Mar 2006 07:20:08 GMT
From: "Mars G. Miro" <marsgmiro@gmail.com>
To: freebsd-bugs@FreeBSD.org
Subject: Re: bin/94060: Users can hide themselves with a trick
Message-ID: <200603060720.k267K8MN071062@freefall.freebsd.org>

The following reply was made to PR bin/94060; it has been noted by GNATS.

From: "Mars G. Miro" <marsgmiro@gmail.com>
To: bug-followup@FreeBSD.org, gabor.kovesdan@t-hosting.hu, keramida@ceid.upatras.gr
Cc:
Subject: Re: bin/94060: Users can hide themselves with a trick
Date: Mon, 6 Mar 2006 15:16:24 +0800

Greetz!

This problem can be 100% reproduced if you're using 'sh', or invoking 'sh' if you're using another shell, prior to the 'login' trick, at least in all of the machines I have tested and on 5.4X and RELENG_6 as of Mar 3 13:57:47 PHT 2006, e.g.:

In this case, my shell is csh, but this problem does not manifest itself:

mars@mars:~> ssh XXXXXXXX
OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7e-p1 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
...
FreeBSD 6.1-PRERELEASE (GENERIC) #0: Fri Mar 3 13:57:47 PHT 2006
Welcome to FreeBSD!
...
mars@61XXX:~> finger
Login    Name    TTY    Idle    Login Time    Office Phone
mars     mars    p0             Mon 14:51
mars@61XXX:~> login
login: mars
Last login: Mon Mar 6 14:51:36 from XXXX
...
FreeBSD 6.1-PRERELEASE (GENERIC) #0: Fri Mar 3 13:57:47 PHT 2006
Welcome to FreeBSD!
...
mars@61XXX:~> exit
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
logout
debug1: channel 0: free: client-session, nchannels 1
Connection to XXXXX closed.
debug1: Transferred: stdin 0, stdout 0, stderr 34 bytes in 16.9 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 2.0
debug1: Exit status 0

Here when I 'exit'ed, I got logged off from the remote machine/ssh session terminated.

But notice if I spawn an 'sh' shell prior to 'login':

mars@mars:~> ssh XXXXXXXX
OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7e-p1 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
...
FreeBSD 6.1-PRERELEASE (GENERIC) #0: Fri Mar 3 13:57:47 PHT 2006
Welcome to FreeBSD!
...
mars@61XXX:~> sh
$ login
login: mars
Last login: Mon Mar 6 14:51:56 from XXXXX
Copyright (c) 1992-2006 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.1-PRERELEASE (GENERIC) #0: Fri Mar 3 13:57:47 PHT 2006
Welcome to FreeBSD!
...
mars@61XXX:~> finger
Login    Name    TTY    Idle    Login Time    Office Phone
mars     mars    p0             Mon 14:52
mars@61XXX:~> w
2:52PM up 2 days, 22:30, 1 user, load averages: 0.00, 0.00, 0.00
USER    TTY    FROM    LOGIN@    IDLE    WHAT
mars    p0     -       2:52PM    -       w
mars@61XXX:~> exit
logout
$ w
2:52PM up 2 days, 22:30, 0 users, load averages: 0.00, 0.00, 0.00
USER    TTY    FROM    LOGIN@    IDLE    WHAT
$ exit
mars@61XXX:~> w
2:52PM up 2 days, 22:30, 0 users, load averages: 0.00, 0.00, 0.00
USER    TTY    FROM    LOGIN@    IDLE    WHAT

At the same time, what shows up in /var/log/auth.log:

Mar 6 14:51:53 61XXX sshd[10866]: syslogin_perform_logout: logout() returned an error

mars@61XXX:~> uname -a
FreeBSD 61XXX.XXXXXXXXXXXXX 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #0: Fri Mar 3 13:57:47 PHT 2006 root@61XXX.XXXXXXX:/usr/obj/usr/src/sys/GENERIC amd64
mars@61XXX:~> finger
No one logged on.

cheers
mars
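
Added example, not part of the original message or of FreeBSD: a detection check for the state shown above, where shells are still running on a tty that w and finger no longer list. It flags terminals that have processes but no login record, and picks out the sshd logout error quoted from auth.log. The sample inputs are constructed, and the assumed input formats are the output of `ps -axo user,tty,pid,command` and `who`.

```python
import re

# Constructed sample inputs (not captured from the reporter's machine).
# Assumed formats: `ps -axo user,tty,pid,command` and `who`.
PS_SAMPLE = """\
USER TTY   PID COMMAND
root ??    412 /usr/sbin/sshd
mars p0  10870 -csh (csh)
mars p0  10881 sh
bob  p1  10902 -sh (sh)
"""
WHO_SAMPLE = """\
bob              ttyp1    Mar  6 14:40 (192.0.2.7)
"""
AUTH_SAMPLE = """\
Mar  6 14:51:53 host sshd[10866]: syslogin_perform_logout: logout() returned an error
Mar  6 14:52:10 host sshd[10910]: Accepted publickey for bob from 192.0.2.7
"""

def norm_tty(name):
    """Reduce /dev/ttyp0, ttyp0 and p0 to the same short form (p0)."""
    return re.sub(r"^(/dev/)?(tty)?", "", name)

def utmp_ttys(who_text):
    """Terminals that have a login record, taken from `who` output."""
    rows = (line.split() for line in who_text.splitlines())
    return {norm_tty(r[1]) for r in rows if len(r) > 1}

def tty_processes(ps_text):
    """Map (user, tty) to its processes, skipping those with no terminal."""
    procs = {}
    for line in ps_text.splitlines()[1:]:
        if not line.strip():
            continue
        user, tty, pid, cmd = line.split(None, 3)
        if tty not in ("??", "-"):
            procs.setdefault((user, norm_tty(tty)), []).append((int(pid), cmd))
    return procs

def hidden_sessions(ps_text, who_text):
    """Sessions with live processes on a tty that has no login record."""
    logged = utmp_ttys(who_text)
    return {k: v for k, v in tty_processes(ps_text).items() if k[1] not in logged}

def failed_logouts(auth_text):
    """PIDs of sshd processes that logged the logout() error quoted above."""
    pat = re.compile(r"sshd\[(\d+)\]: syslogin_perform_logout: logout\(\) returned an error")
    return [int(m.group(1)) for m in pat.finditer(auth_text)]
```

On a live system the two text arguments would come from running the commands named above; tty naming differs between releases, so norm_tty may need adjusting.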