Bug#556522: hurd - using the login shell is insecure
Heya,
Justus Winter, on Sun 16 Jan 2011 05:49:55 +0100, wrote:
> > Justus Winter, on Wed 12 Jan 2011 00:39:35 +0100, wrote:
> > > diff -r a95557dc73eb daemons/getty.c
> > > --- a/daemons/getty.c Tue Jan 11 00:00:32 2011 +0000
> > > +++ b/daemons/getty.c Tue Jan 11 23:38:12 2011 +0000
> > > @@ -129,10 +129,10 @@
> > >
> > > if (tt && strcmp (tt->ty_type, "dialup") == 0)
> > > /* Dialup lines time out (which is login's default). */
> > > - execl (_PATH_LOGIN, "login", "-e", arg, NULL);
> > > + execl (_PATH_LOGIN, "login", "--no-passwd", "-aMOTD", "-e",
> > > arg, "login", NULL); else
> > > /* Hardwired lines don't. */
> > > - execl (_PATH_LOGIN, "login", "-e", arg, "-aNOAUTH_TIMEOUT",
> > > NULL);
> > > + execl (_PATH_LOGIN, "login", "--no-passwd", "-aMOTD", "-e",
> > > arg, "-aNOAUTH_TIMEOUT", "login", NULL);
> > > syslog (LOG_ERR, "%s: %m", _PATH_LOGIN);
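Review bot: both execl calls gain "--no-passwd", "-aMOTD" and a trailing "login" argument, but nothing in the hunk says why getty needs them; the two existing comments only cover the timeout difference between dialup and hardwired lines. A flag named "--no-passwd" on the path that starts login should carry its justification next to the call, so either add a comment at each execl stating what these arguments are meant to achieve, or drop the ones that are not required. Separately, as quoted here the added lines are wrapped (`arg, "login", NULL); else` carries both the argument continuation and the `else`), so the patch would not apply in this form; resend it unwrapped or as an attachment.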
> >
> > Mmm, why these?
>
> You've got a point here. After reading the login program's source I
> realized that 'login' is the default unprivileged user to use and that
> spawning this session requires no password (btw, is there documentation
> for Hurd's userspace tools that I am just unable to find?).
See hurd.info:
14 Authentication
*****************
FIXME: finish
14.3 login, loginpr
===================
> I'd argue to keep the -aMOTD though to prevent the motd from being
> shown before the user logs in
Actually that's due to another bug.
Samuel