David Schultz wrote:
On Sun, Feb 22, 2004, Tim Kientzle wrote:
David Schultz wrote:
One unfortunate side-effect [of dynamic /bin is that] custom versions of nologin that people have written as shell scripts are now insecure.
Is there any reason why "login -p" should be permitted if the user's shell is not listed in /etc/shells ?
chpass already enforces a clear distinction between "standard" and "non-standard" shells. It seems reasonable for login(1) to also be aware of that distinction.
Good point. I don't know of any reason for the present behavior. I suppose the same reasoning would also apply to su and sshd ...
And possibly telnetd?
Looking at telnetd, it uses the "-p" option to login to preserve TERM. But our login always preserves TERM, regardless, so I think this could be removed.
I'm not entirely sure, though. There are many layers of #if/#else/#endif in that code, so I might be mis-reading things here. Our telnetd is also vendor code, so it would be advisable to limit changes to the code directly. It looks like it might suffice to add
CFLAGS += -DNO_LOGIN_P
to src/libexec/telnetd/Makefile.
Thoughts?
Tim
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
