SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions
Package: ssh
Version: 1:3.4p1-0.0potato1
Severity: important
6616 open("/var/log/lastlog", O_RDWR) = -1 EACCES (Permission denied)
plhofmei 6616 0.5 5.9 5724 1836 ? S 14:02 0:00 \_ /usr/sbin/sshd
-rwxrwx--- 1 root utmp 296672 Jun 28 14:02 /var/log/lastlog
As seen above, (strace watch) PID (here 6616) owned by a normal user attempts
to open a log file for read/write when such access is not available. Since
the user cannot open this file information about when and where they last
logged in from is not available. The obvious fix for this (making the file
world readable and writable) would introduce a security problem.
-- System Information
Debian Release: 2.2
Architecture: i386
Kernel: Linux Oneil 2.2.19 #1 Wed Jun 26 15:25:01 EDT 2002 i586
Versions of packages ssh depends on:
ii adduser 3.11.1 Add users and groups to the system
ii debconf 0.2.80.17 Debian configuration management sy
ii libc6 2.1.3-20 GNU C Library: Shared libraries an
ii libpam-modules 0.72-9 Pluggable Authentication Modules f
ii libpam0g 0.72-9 Pluggable Authentication Modules l
ii libssl0.9.6 0.9.6c-0.potato.1 SSL shared libraries
ii libwrap0 7.6-4 Wietse Venema's TCP wrappers libra
ii zlib1g [libz1] 1:1.1.3-5.1 compression library - runtime
-- Configuration Files:
/etc/pam.d/ssh [Errno 13] Permission denied: '/etc/pam.d/ssh'
/etc/ssh/moduli [Errno 13] Permission denied: '/etc/ssh/moduli'
/etc/ssh/ssh_config [Errno 13] Permission denied: '/etc/ssh/ssh_config'
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: