[plhofmei@zionlth.org: SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions]

To: debian-security@lists.debian.org
Subject: [plhofmei@zionlth.org: SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions]
From: Phillip Hofmeister <plhofmei@zionlth.org>
Date: Fri, 28 Jun 2002 14:52:01 -0400
Message-id: <[🔎] 20020628185201.GA7202@zionlth.org>
Mail-followup-to: debian-security@lists.debian.org

Forwarding this bug to debian-security as I feel it is related to our recent SSH
issues...

Bug number is 151297

Phil

----- Forwarded message from Phillip <plhofmei@zionlth.org> -----

Envelope-to: plhofmei@zionlth.org
Delivery-date: Fri, 28 Jun 2002 14:21:34 -0400
From: Phillip <plhofmei@zionlth.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions
X-Reportbug-Version: 0.54.1
X-Mailer: reportbug 0.54.1
Date: Fri, 28 Jun 2002 14:21:02 -0400

Package: ssh
Version: 1:3.4p1-0.0potato1
Severity: important


6616  open("/var/log/lastlog", O_RDWR) = -1 EACCES (Permission denied)
plhofmei  6616  0.5  5.9  5724 1836 ?        S    14:02   0:00      \_ /usr/sbin/sshd
-rwxrwx---    1 root     utmp       296672 Jun 28 14:02 /var/log/lastlog

As seen above, (strace watch) PID (here 6616) owned by a normal user attempts
to open a log file for read/write when such access is not available.  Since
the user cannot open this file information about when and where they last
logged in from is not available.  The obvious fix for this (making the file
world readable and writable) would introduce a security problem.


-- System Information
Debian Release: 2.2
Architecture: i386
Kernel: Linux Oneil 2.2.19 #1 Wed Jun 26 15:25:01 EDT 2002 i586

Versions of packages ssh depends on:
ii  adduser                3.11.1            Add users and groups to the system
ii  debconf                0.2.80.17         Debian configuration management sy
ii  libc6                  2.1.3-20          GNU C Library: Shared libraries an
ii  libpam-modules         0.72-9            Pluggable Authentication Modules f
ii  libpam0g               0.72-9            Pluggable Authentication Modules l
ii  libssl0.9.6            0.9.6c-0.potato.1 SSL shared libraries              
ii  libwrap0               7.6-4             Wietse Venema's TCP wrappers libra
ii  zlib1g [libz1]         1:1.1.3-5.1       compression library - runtime     

-- Configuration Files:
/etc/pam.d/ssh [Errno 13] Permission denied: '/etc/pam.d/ssh'
/etc/ssh/moduli [Errno 13] Permission denied: '/etc/ssh/moduli'
/etc/ssh/ssh_config [Errno 13] Permission denied: '/etc/ssh/ssh_config'


----- End forwarded message -----

Attachment: pgpNke8AYfFDj.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: [plhofmei@zionlth.org: SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions]
  - From: bxf4@psu.edu (Brian P. Flaherty)

Prev by Date: Re: More SSH Fun (Minor)
Next by Date: Re: [plhofmei@zionlth.org: SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions]
Previous by thread: Re: More SSH Fun (Minor)
Next by thread: Re: [plhofmei@zionlth.org: SSHD Attempts to open /var/log/lastlog for RW with insufficient permissions]
Index(es):
- Date
- Thread