[10297] in bugtraq
Re: bug in ssh allowing to be invissible
daemon@ATHENA.MIT.EDU (Pete)
Wed Apr 21 15:35:23 1999
Date: Tue, 20 Apr 1999 12:07:44 -0700
Reply-To: Pete <shipley@KPMG.COM>
From: Pete <shipley@KPMG.COM>
X-To: shipley@merde.dis.org
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of Mon, 19 Apr 1999 15:30:20 +0200.
<Pine.LNX.4.02.9904191522470.4183-100000@main.lighting.ml.org>
>
>Sorry, but maybe i'll resend this email (I was very sleepy while writing
>prev leter).
>
>Hi,
>
>I have just discoverd that there is a bug in sshd allowing ordinary user
>to be showed as not logged in while logged in. You should simply ssh to
>remote host and run command "bash". One that's not so good, is that you
>will not have the controlling terminal, but ...
This is not a new bug, in fact it is not even a bug.. (feature?)
since you are not really logged in.
Rsh and several simular programs exhibit the exact same behavior and have
so since they were introduced a decade and a half ago in 4.2 BSD.
Note that Sshd still logs the connection to syslog (or how ever you
have it configured to log on your system). Mind you that the only
thing that is not being logged is are entries in utmp/wtmp, these files
should not be relied on or trusted in the first place since it is prone
to having errors and "ghost" entries. (some systems may system leave
it world writable)
-Pete
