Date: Wed, 1 Nov 1995 15:30:28 +0800 (WST) From: Peter Wemm <peter@jhome.DIALix.COM> To: Ollivier Robert <roberto@keltia.freenix.fr> Cc: CVS-commiters@freefall.freebsd.org, cvs-sys@freefall.freebsd.org Subject: Re: cvs commit: src/sys/i386/isa isa.c Message-ID: <Pine.BSF.3.91.951101151856.22432P-100000@jhome.DIALix.COM> In-Reply-To: <199510312256.XAA14359@keltia.freenix.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 31 Oct 1995, Ollivier Robert wrote: > It seems that Peter Wemm said: > > OK.. Anybody got any idea why "getlogin" is failing on the tail end of a > > rsh? > > Maybe because from a fast look at rshd's code, it doesn't seem to update the > utmp file (it does not call login/logout) ? On SYSV system, getlogin() fetches data from the utmp file. Maybe older BSD systems did it too. Now, it's done by the kernel in a "secure" fashion with setlogin()/getlogin(). setlogin() stores the full name in the session strutures in the kernel, and I think once it's set it's not supposed to be able to be changed except by root.. it doesn't depend on the security of your utmp file anymore. It's used by a lot of things for authentication/accounting purposes. What bothers me, is how a non-setuid process suddenly got a new getlogin name. Maybe it's a perl bug (but it does little more than a strdup(getlogin()) - it'd be hard for that code to have a bug..), or a libc bug with the static buffer getting munched. However, I think the kernel has something to do with it because of another unrelated problem... If you log in as root and start XFree86 3.1.2 xdm and check the result of the 'logname' command and verify that the xdm has detached from your tty and session, the moment somebody logs in on the xdm login, the original (supposedly detached) session suddenly has it's getlogin() result changed.. I do not know if it's the same bug but it suggests to me that something fishy is going on. BTW: rshd does call setlogin(), and syslogs an error return if it fails. I've checked freefall's /var/log/messages and the warning is not there. -Peter > -- > Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net > FreeBSD keltia.freenix.fr 2.2-CURRENT #5: Mon Oct 30 00:03:29 MET 1995 >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.951101151856.22432P-100000>