[1141] in linux-security and linux-alert archive
Re: [linux-security] pty's and utmp - a disaster perpetrated long ago
daemon@ATHENA.MIT.EDU (David Holland)
Tue Sep 10 14:54:25 1996
From: David Holland <dholland@hcs.HARVARD.EDU>
To: aleph1@dfw.net (Aleph One)
Date: Sun, 8 Sep 1996 17:05:30 -0400 (EDT)
Cc: miquels@cistron.nl, ian@chiark.chu.cam.ac.uk,
linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.SUN.3.94.960908155105.6391C-100000@dfw.dfw.net> from "Aleph One" at Sep 8, 96 03:55:21 pm
> > A daemon is probably a better bet than a setuid root subprogram. Of
> > course, communicating reliably with an arbitrary daemon is a trifle
> > difficult.
>
> There already exists such a daemon. utmpd under Solaris 2.5.
My understanding of utmpd is that it's a gross hack perpetrated to
pick up the pieces because the normal mechanisms don't bother to
remove utmp entries correctly.
> It would be nice the have the same interface/protocol as the utmpd under
> Solaris 2.5. Sadly it is compleatly undocumentet. Maybe someone with a
> contact in Sun could ask. Or someone may want to reverse engineer it.
This is because as far as I know there is no such interface.
> > Also, the utmp file as it presently exists should be abolished.
>
> Still need to keep the information someplace.
How about a db file that only the daemon accesses? Or at least a file
format with some kind of header so you have some chance of being able
to transparently add new fields...
--
- David A. Holland | Number of words in the English language that
dholland@hcs.harvard.edu | exist because of typos or misreadings: 381