[2071] in linux-security and linux-alert archive
[linux-security] Re: /bin/login problem
daemon@ATHENA.MIT.EDU (Rogier Wolff)
Tue Sep 8 14:16:41 1998
In-Reply-To: <199809071342.JAA03238@hilfy.ece.cmu.edu> from "Brandon S. Allbery KF8NH" at "Sep 7, 98 09:43:31 am"
To: allbery@kf8nh.apk.net (Brandon S. Allbery KF8NH)
Date: Mon, 7 Sep 1998 16:33:50 +0200 (MEST)
Cc: R.E.Wolff@BitWizard.nl, linux-security@redhat.com
From: R.E.Wolff@BitWizard.nl (Rogier Wolff)
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
Brandon S. Allbery KF8NH wrote:
> In message <199809042121.XAA07939@cave.BitWizard.nl>, Rogier Wolff writes:
> +-----
> | If a new login finds "no_such_user" as its argument, it reads the
> | login name from an environment variable instead of from the argument
> | vector.
> +--->8
>
> That won't help: consider `ps aexwww'. I would suggest instead that the
> user name be passed on an additional fd; e.g.:
>
> login -I fd
> login reads a user name from file descriptor `fd', then
> proceeds as if the user name had been specified as an
> argument.
>
> Again, getty must support this mode of operation.
>
Ok. Many people are mailing me about the "e" option to ps, that is
supposed to show the environment. (It somehow doesn't work on my
version of ps. Forget about it, I don't care that it doesn't work.)

The environment is not accessible to other users.

  wolff@cave% cat /proc/1/environ
  cat: /proc/1/environ: Permission denied

Of course, instead of "no_such_user" something that looks like an
option is much better. (the phrase "engage brain before pressing send"
comes to mind :-)

Passing the string through a pipe works (I didn't find that "obvious":
The sending end of the pipe was written to by the same process, which
just exec-ed the reading program, and the writing end of the pipe is
closed by the time the read is performed)
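
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>   /* strcmp */

int main (int argc, char **argv)
{
  char buf[32];
  int p[2];
  int n, fd;

  if ((argc > 2) && (strcmp (argv[1] , "-i") == 0)) {
    /* Reader: take the fd number from argv and read the string from it. */
    fd = atoi (argv[2]);
    printf ("fd = %d\n", fd);
    n = read (fd, buf, 30);
    if (n < 0) {
      perror ("read");
      exit (1);
    }
    close (fd);
    buf[n] = 0;
    printf ("n=%d, buf='%s'\n", n, buf);
    exit (0);
  } else {
    /* Writer: fill the pipe, close the write end, then exec this same
       program as the reader, passing the read end's fd number. */
    if (pipe (p) < 0) {
      perror ("pipe");
      exit (1);
    }
    write (p[1], "this is a test", 14);
    close (p[1]);
    sprintf (buf, "%d", p[0]);
    execl ("./pass", "pass", "-i", buf, (char *) NULL);
    perror ("exec");
  }
  exit (0);
}
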
Regards,
Roger.
> --
> brandon s. allbery [os/2][linux][solaris][japh] allbery@kf8nh.apk.net
> system administrator [WAY too many hats] allbery@ece.cmu.edu
> electrical and computer engineering KF8NH
> carnegie mellon university
>
>
--
| The secret of success is sincerity. Once you can | R.E.Wolff@BitWizard.nl
| fake that, you've got it made. -- Jean Giraudoux | T: +31-15-2137555
-We write Linux device drivers for any device you may have! Call for a quote-
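
The receiving side of the "login -I fd" idea discussed in this message, as an added example that is not part of the original post: it parses the fd argument strictly instead of using atoi, reads up to EOF, and rejects names that are empty, overlong, or look like an option. The function names, the 32-character limit, the allowed character set and the refusal of fds 0-2 are assumptions of this example.

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define NAME_MAX_LEN 32 /* assumed limit for this example */

/* Strict fd parse: plain digits only; fds 0-2 and > 1023 refused (assumed). */
int parse_fd_arg(const char *s)
{
    char *end;
    long v;
    if (!isdigit((unsigned char)s[0])) return -1;
    errno = 0;
    v = strtol(s, &end, 10);
    return (errno || *end || v < 3 || v > 1023) ? -1 : (int)v;
}

/* Read a name from fd up to EOF; return its length, or -1 if rejected. */
int read_login_name(int fd, char *out, size_t outlen)
{
    char buf[NAME_MAX_LEN + 2];
    size_t len = 0, i;
    ssize_t n = 0;
    while (len < sizeof buf) {          /* stop early once clearly too long */
        n = read(fd, buf + len, sizeof buf - len);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) break;              /* EOF or hard error */
        len += (size_t)n;
    }
    close(fd);
    if (n < 0) return -1;
    if (len > 0 && buf[len - 1] == '\n') len--;
    if (len == 0 || len > NAME_MAX_LEN || len >= outlen || buf[0] == '-')
        return -1;                      /* empty, too long, or option-like */
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)buf[i];
        if (!isalnum(c) && c != '.' && c != '_' && c != '-') return -1;
    }
    memcpy(out, buf, len);
    out[len] = '\0';
    return (int)len;
}
```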