[1141] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] pty's and utmp - a disaster perpetrated long ago

daemon@ATHENA.MIT.EDU (David Holland)
Tue Sep 10 14:54:25 1996

From: David Holland <dholland@hcs.HARVARD.EDU>
To: aleph1@dfw.net (Aleph One)
Date: Sun, 8 Sep 1996 17:05:30 -0400 (EDT)
Cc: miquels@cistron.nl, ian@chiark.chu.cam.ac.uk,
        linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.SUN.3.94.960908155105.6391C-100000@dfw.dfw.net> from "Aleph One" at Sep 8, 96 03:55:21 pm

 > > A daemon is probably a better bet than a setuid root subprogram. Of
 > > course, communicating reliably with an arbitrary daemon is a trifle
 > > difficult.
 > 
 > There already exists such a daemon. utmpd under Solaris 2.5.

My understanding of utmpd is that it's a gross hack perpetrated to
pick up the pieces because the normal mechanisms don't bother to
remove utmp entries correctly.

 > It would be nice the have the same interface/protocol as the utmpd under
 > Solaris 2.5. Sadly it is compleatly undocumentet. Maybe someone with a
 > contact in Sun could ask. Or someone may want to reverse engineer it.

This is because as far as I know there is no such interface.

 > > Also, the utmp file as it presently exists should be abolished.
 > 
 > Still need to keep the information someplace.

How about a db file that only the daemon accesses? Or at least a file
format with some kind of header so you have some chance of being able
to transparently add new fields...

-- 
   - David A. Holland          | Number of words in the English language that
     dholland@hcs.harvard.edu  | exist because of typos or misreadings: 381

home help back first fref pref prev next nref lref last post