misc/183495: utx.active not being updated correctly
Ed Schouten
ed at 80386.nl
Wed Nov 13 20:58:33 UTC 2013
Hi there,
[ +freebsd-hackers, to see whether this change would go in the right direction ]
It seems that the regression described in misc/183495 is unrelated to
utmpx alone. Unlike utmp, utmpx allows multiple entries per TTY. This
causes the issue to become actually visible.
telnetd uses login(1) to provide a login prompt, interactive shell,
etc. Looking at the source code of login(1), it seems that it never
attempts to call pam_cleanup() whenever the process terminates with
SIGHUP, nor does it protect itself against SIGTERM properly. The
following patch should fix this issue partially:
http://80386.nl/pub/login-signal-fix.txt
Still, one issue that remains is that the parent process can still be
killed using SIGKILL, thereby allowing you to circumvent
pam_cleanup(). What would be the right approach to fix this? Changing
the effective UID would solve this, but I don't feel really
comfortable to modify these kind of pieces of software. It's easy to
introduce security bugs.
Thoughts?
--
Ed Schouten <ed at 80386.nl>
More information about the freebsd-hackers
mailing list