[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MATE 1.8 has now fully arrived in Debian

On Thu, 2014-06-26 at 13:53 +0100, Simon McVittie wrote:
> On 26/06/14 13:33, Svante Signell wrote:
> > Of course with the additional check that the students are logged in to
> > that box locally, did I forget to mention that?
> ... or
> something involving utmp/wtmp/other traditions.
> utmp(5) says "many system programs (foolishly) depend on its integrity"
> so be very careful with security implications if you go that way. I
> wouldn't want anything relying on utmp for its security on my systems.

Maybe I'm naive but doesn't utmp(5) solve this problem?

who(1) tells me in clear-text if I'm logged in locally or remote:

local         remote or local
console,tty   pts/<number>

~$ who
usr      tty1         2014-06-26 16:16
usr      :0           2014-06-24 19:33 (:0)
usr      pts/1        2014-06-25 15:19 (:0.0)
susr      pts/8        2014-06-26 16:24 (ip-address/hostname)

local         remote
console, tty  ttyp
~$ who
login    console      2014-06-25 16:54
login    tty1        2014-06-25 16:54 (tty1 to tty6)
usr      ttyp0        2014-06-25 19:33 (ip-address/hostname)

Here a special user named login is used for not yet logged in

For kFreeBSD I dunno yet, have to check.

Are there serious security problems with ancient utmp that cannot be

Reply to: