Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 24 Sep 1999 04:25:26 -0700 (PDT)
From:      dima@server.ru
To:        freebsd-gnats-submit@freebsd.org
Subject:   bin/13932: /usr/bin/lock does not report to syslog when root unlock terminal
Message-ID:  <19990924112526.D3B0015147@hub.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         13932
>Category:       bin
>Synopsis:       /usr/bin/lock does not report to syslog when root unlock terminal
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Sep 24 04:30:01 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator:     Dmitry Kazarov
>Release:        FreeBSD-3.3-RC
>Organization:
Server Inc
>Environment:
>Description:
While root logins are always logged to system log and console, /usr/bin/lock does not log when root unlocks terminal. So it's possible to break in to root's shell using brute force attack and no message will be displayed on console about failures
>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990924112526.D3B0015147>