lightbar
-----BEGIN PGP SIGNED MESSAGE-----
As Debian is based on a model of security... I've found this /bin/login
replacement called "lightbar". It seems very good. I have attached the
README file.
_
|_) _ |_ _ .__|_
| \(_)|_)(/_| |_
Robert S. Edmonds
Debian Developer (http://www.debian.org)
mailto:edmonds@freewwweb.com
http://edmonds.home.ml.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQEVAwUBNO5U0noF6jxUeF+VAQEcLgf/aOMuZOjtsihvnpfcp7yLa03BqD+BuEow
KVz9wsllGbpHAYazUpe+FEy3sk2egwJnH8ZloIW6L7f5NIA/5Is9YPZHvfg8BMWI
z/0ZKRcAWD8P6t/FMYkODBdJm8GMqbXdysHJ3/xfZyZ6Ysl3jppdXNYDeK+84Oq1
K9ntLvNFGFKFyNsTH2Oplfc9lrfE1idPN1coObEFBRYkeiITEqDeBoIgx3FmSqXB
qmjhyEvaldl92hz95qQkbwDKDklg2y4Jly7qMc9rgIrboVc1i2nEb/TER/86o5Fu
yBOrsBcTZqZ/bjQzxRQU+tUYcsuhhX7Vo3xC2lpp2d95+c4jy+mtqA==
=Q2Xc
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
`$ ,+.
"s,_/ LightBar 1.1 -
"$$s. a serious case of the saturday night fever.
d$P"$
.P^$" ' -cash -- Programmed by Trevor F. Linton.
d$ $s
read copyright in the doc directory, for information on
distribution and legal information.
This project was programmed 100% of scratch.
Version 1.10.0 (1.09.1160+) is fully functional and supports 100%
of login processes.
* What is LightBar
Lightbar is a full login replacement, but is not a login package.
This program just replaces your /bin/login. This login replacement
adds functionality to your login screens for internet providers
it can provide a full fledged menu system before the user needs to
login, aside from that automatic pppd detection if necessary, (in
future releases) better security management with support of, menus
cursor positioning, setting cpu, ram, how many files open at a time,
and how many process running limits. ansi codes and executing programs
safely before a user logs in. This adds many features from BSD, HPUX
and other Unix operating systems. This adds btmp support as well, for
bad login attempts.
This has better login management than any other login program,
although this does not handle the encrypting/decrypting itself
(except with POSIX linux normal encryption) this will work with any
shadow or normal login packages, THIS DOES NOT CALL FROM ANY OUTSIDE
PROGRAMS FOR HELP. All encryption is done inside the dynamiclly linked
binary, although it does refer to libraries for certain codes (i.e.
ncurses for it's menus, libc for it's crypt() function.) Although
LightBar controls it's environment, this is so the program can avoid
bugs such as LD_PRELOAD exploits, lightbar carefully monitors all
environment passing through and doesn't make the environment fully
active until the shell is executed, LightBar also doesn't allow certain
environment variables to be added when a program is executed for
security reasons. LightBar also monitors signals such as segmentation
faults, this keeps some password files from being accessed remotely
before the password file is closed, through a segmentation fault.
We've actually been able to program a ping pong game that ran before
the user even logged in, if he won he could login, if he lost he was
refused login. Of course this is completely useless but shows the power
of what you can do. :)
This is tested 100% compatible with the following packages:
- Posix/BSD Linux standard normal encryption.
- Generic shadow encryption.
- shadow-mk by John F. Haugh II.
- s0nic's crypt() libc encryption.
- the (old and no longer distributed (disliked)) LightBar package.
P.S. This could be compatible with other packages such as generic
shadow packages, i have not tested this on shadow-in-a-box but it
could possibly work ;P, if the shadow package includes a libshadow.a/so
with it you might consider trying it out.
If your shadow package does not have a libshadow.a/so included then
think about switching to one of the shadow packages listed above or
contact me and i'll add it support for it into the package.
* Compatability
LightBar supports all of the login process, from setting terminal
modes correctly to accessing /etc/securetty and nologin it will work
completely with other programs, lightbar continues support for options
added in normal POSIX logins such as the -f option rlogin's and things
like -p (preserve the environment). LightBar will function with any
program that uses normal posix login or shadow-mk's (genernic shadows)
support.
* Requirements:
- Linux kernel 2.0.X (THIS DOES NOT SUPPORT SUNOS)
- ncurses 1.3 (1.9.9a)
- libc
- libshadow.a/so and shadow.h (only if your using shadow)
- tcpd_wrappers (only if you wish to use ident marcos).
* Installation:
Read the 'INSTALL' file in the docs directory.
* Reporting Bugs or problems.
Before you report a bug make sure it hasn't already been found and
is being worked out by reading doc/problems this has a list of the
so far found bugs/problems. If your bug or problem your having isn't
in there read the "Frequently Asked Questions" doc/FAQ it might be a
configuration problem than a programming bug, if you don't solve your
problem in there report it immediatly to me, my email address is listed
along with several contacts in the file: doc/contacts
* Thanks
Andrew Hobgood The Bad user idea and source, being a beta tester. :P
David Ford Letting me test some of the encryption on his server.
roler@efnet for the seterminal code and the _getpass() idea.
To everyone in #linuxOS@efnet, for putting up with the beta testing
shit I almost crammed down their throats, I apologize. :P.
* Documentation
FAQ -- Frequently asked questions and answers.
lightbar.manual -- explains how to use documentation for lightbar.
problems -- current bugs.
logo -- lightbar logo
copyright -- lightbar copyright distribution information etc.
changes -- changes in the program, reversions..
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBM8cwbQf5+l2JY18lAQHvlAQAgVIBLdGHXCoJ5BDNb4XJaXGBaNhvELio
oaPTntf5gxCYlteTqiM0zDNX0XoV0HU2XHA9asHVZFdeJfJdT8aC26+8hwTVfsWt
yqSsoLk6OUjpeLsL2EsJ9D6pFJKMYv3YAE/Ghw8LW3liPXgTLd5m5KyCa4LY4BN2
HOlohJVk0MU=
=lMDC
-----END PGP SIGNATURE-----
Reply to: