Re: MATE 1.8 has now fully arrived in Debian

To: debian-devel@lists.debian.org
Subject: Re: MATE 1.8 has now fully arrived in Debian
From: Svante Signell <svante.signell@gmail.com>
Date: Thu, 26 Jun 2014 16:32:01 +0200
Message-id: <[🔎] 1403793121.14272.73.camel@s1499.it.kth.se>
In-reply-to: <[🔎] 53AC17AD.3090304@debian.org>
References: <[🔎] 1403773037.14436.190.camel@dsp0698014> <[🔎] logpfo$o6$1@ger.gmane.org> <[🔎] 53ABEF09.1080609@debian.org> <[🔎] 1403777156.13072.62.camel@G3620.my.own.domain> <[🔎] 53AC0BF7.7030604@free.fr> <[🔎] 1403786016.14272.51.camel@s1499.it.kth.se> <[🔎] 53AC17AD.3090304@debian.org>

On Thu, 2014-06-26 at 13:53 +0100, Simon McVittie wrote:
> On 26/06/14 13:33, Svante Signell wrote:
> > Of course with the additional check that the students are logged in to
> > that box locally, did I forget to mention that?
> 
> ... or
> something involving utmp/wtmp/other traditions.
> 
> utmp(5) says "many system programs (foolishly) depend on its integrity"
> so be very careful with security implications if you go that way. I
> wouldn't want anything relying on utmp for its security on my systems.

Maybe I'm naive but doesn't utmp(5) solve this problem?

who(1) tells me in clear-text if I'm logged in locally or remote:

Linux:
local         remote or local
console,tty   pts/<number>

~$ who
usr      tty1         2014-06-26 16:16
usr      :0           2014-06-24 19:33 (:0)
usr      pts/1        2014-06-25 15:19 (:0.0)
susr      pts/8        2014-06-26 16:24 (ip-address/hostname)

Hurd:
local         remote
console, tty  ttyp
~$ who
login    console      2014-06-25 16:54
login    tty1        2014-06-25 16:54 (tty1 to tty6)
usr      ttyp0        2014-06-25 19:33 (ip-address/hostname)

Here a special user named login is used for not yet logged in
terminals.

For kFreeBSD I dunno yet, have to check.

Are there serious security problems with ancient utmp that cannot be
solved?

Reply to:

Follow-Ups:
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Svante Signell <svante.signell@gmail.com>

References:
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Josselin Mouette <joss@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Thorsten Glaser <tg@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Ansgar Burchardt <ansgar@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Svante Signell <svante.signell@gmail.com>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Jean-Christophe Dubacq <jcdubacq1@free.fr>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Svante Signell <svante.signell@gmail.com>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Simon McVittie <smcv@debian.org>

Prev by Date: Re: SV: MATE 1.8 has now fully arrived in Debian
Next by Date: Re: MATE 1.8 has now fully arrived in Debian
Previous by thread: Re: MATE 1.8 has now fully arrived in Debian
Next by thread: Re: MATE 1.8 has now fully arrived in Debian
Index(es):
- Date
- Thread