On Thu, 2014-06-26 at 13:53 +0100, Simon McVittie wrote: > On 26/06/14 13:33, Svante Signell wrote: > > Of course with the additional check that the students are logged in to > > that box locally, did I forget to mention that? > > ... or > something involving utmp/wtmp/other traditions. > > utmp(5) says "many system programs (foolishly) depend on its integrity" > so be very careful with security implications if you go that way. I > wouldn't want anything relying on utmp for its security on my systems.
Maybe I'm naive but doesn't utmp(5) solve this problem? who(1) tells me in clear-text if I'm logged in locally or remote: Linux: local remote or local console,tty pts/<number> ~$ who usr tty1 2014-06-26 16:16 usr :0 2014-06-24 19:33 (:0) usr pts/1 2014-06-25 15:19 (:0.0) susr pts/8 2014-06-26 16:24 (ip-address/hostname) Hurd: local remote console, tty ttyp ~$ who login console 2014-06-25 16:54 login tty1 2014-06-25 16:54 (tty1 to tty6) usr ttyp0 2014-06-25 19:33 (ip-address/hostname) Here a special user named login is used for not yet logged in terminals. For kFreeBSD I dunno yet, have to check. Are there serious security problems with ancient utmp that cannot be solved? -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1403793121.14272.73.ca...@s1499.it.kth.se
