Bug#311597: anyterm and /bin/login in etch
Just discovered that in etch, /bin/login is not suid, which makes
anyterm useless. The workaround I used was (I'm sure not totally
securely, though):
In the anyterm.conf apache configuration file, I gave
/usr/sbin/anygetty the "--loginprog /usr/sbin/anylogin" option, and
made anygetty setgid to anyterm (a group created by addgroup --system
anyterm).
Then /usr/sbin/anylogin is owned by root:anyterm with privs 4750,
compiled from:
#define REAL_PATH "/bin/login"
int main(int ac, char **av)
{
execv(REAL_PATH, av);
}
HTH,
Julian
Reply to: