[15308] in bugtraq

Re: OpenSSH's UseLogin option allows remote access with root

daemon@ATHENA.MIT.EDU (Phil Stracchino)
Mon Jun 12 01:37:53 2000

Mail-Followup-To: BugTraq <bugtraq@securityfocus.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="ReaqsoxgOBHFXBhH"
Content-Disposition: inline
Message-Id:  <20000610145425.B14679@babylon5.babcom.com>
Date:         Sat, 10 Jun 2000 14:54:25 -0700
Reply-To: Phil Stracchino <alaric@BABCOM.COM>
From: Phil Stracchino <alaric@BABCOM.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.LNX.4.21.0006101044140.4808-100000@bochum.redhat.de>; from
              bero@REDHAT.DE on Sat, Jun 10, 2000 at 10:45:31AM +0200

--ReaqsoxgOBHFXBhH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Sat, Jun 10, 2000 at 10:45:31AM +0200, Bernhard Rosenkraenzer wrote:
> On Fri, 9 Jun 2000, Markus Friedl wrote:
>
> > OpenSSH's UseLogin option allows remote access with root privilege.
>
> Updated Red Hat Linux packages are now available at
>
> ftp://ftp.redhat.de/pub/rh-addons/security/current


The previously-posted patch is for the OpenBSD version, not the portable
version.  The attached patch will update portable version 2.1.0p2 (the
latest on the sites, at least as of last night) to 2.1.1p1.



--
 Linux Now!   ..........Because friends don't let friends use Microsoft.
 phil stracchino   --   the renaissance man   --   mystic zen biker geek
     Vr00m: 2000 Honda CBR929RR   --   Cage: 2000 Dodge Intrepid R/T
 Previous vr00mage:  1986 VF500F (sold), 1991 VFR750F3 (foully murdered)

--ReaqsoxgOBHFXBhH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="session.c.patch"

*** session.c.orig	Fri May 19 19:49:31 2000
--- session.c	Fri Jun  9 23:45:28 2000
***************
*** 809,814 ****
--- 809,818 ----
  	char *argv[10];

  #ifndef USE_PAM /* pam_nologin handles this */
+  	/* login(1) is only called if we execute the login shell */
+  	if (options.use_login && command != NULL)
+  		options.use_login = 0;
+
  	f = fopen("/etc/nologin", "r");
  	if (f) {
  		/* /etc/nologin exists.  Print its contents and exit. */
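
Review bot: the added `options.use_login` reset is placed after `#ifndef USE_PAM /* pam_nologin handles this */`, so a build with USE_PAM defined compiles it out, and nothing in this hunk then clears use_login when `command != NULL`. The guard's own comment says it exists for the /etc/nologin check, which is unrelated to the new test. Suggest moving the three added lines (comment, `if`, assignment) above the `#ifndef USE_PAM` line so the reset applies to PAM and non-PAM builds alike.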

--ReaqsoxgOBHFXBhH--