misc/183495: utx.active not being updated correctly

Ed Schouten ed at 80386.nl
Wed Nov 13 21:00:02 UTC 2013

The following reply was made to PR misc/183495; it has been noted by GNATS.

From: Ed Schouten <ed at 80386.nl>
To: bug-followup at FreeBSD.org, rich at enterprisesystems.net
Cc: freebsd-hackers at freebsd.org
Subject: Re: misc/183495: utx.active not being updated correctly
Date: Wed, 13 Nov 2013 21:58:32 +0100

 Hi there,
 [ +freebsd-hackers, to see whether this change would go in the right direction ]
 It seems that the regression described in misc/183495 is unrelated to
 utmpx alone. Unlike utmp, utmpx allows multiple entries per TTY. This
 causes the issue to become actually visible.
 telnetd uses login(1) to provide a login prompt, interactive shell,
 etc. Looking at the source code of login(1), it seems that it never
 attempts to call pam_cleanup() whenever the process terminates with
 SIGHUP, nor does it protect itself against SIGTERM properly. The
 following patch should fix this issue partially:
 Still, one issue that remains is that the parent process can still be
 killed using SIGKILL, thereby allowing you to circumvent
 pam_cleanup(). What would be the right approach to fix this? Changing
 the effective UID would solve this, but I don't feel really
 comfortable to modify these kind of pieces of software. It's easy to
 introduce security bugs.
 Ed Schouten <ed at 80386.nl>

More information about the freebsd-bugs mailing list