[1534] in SIPB_Linux_Development
Denial of service attack against linux-athena login
daemon@ATHENA.MIT.EDU (Erik Nygren)
Wed Nov 27 19:14:51 1996
To: linux-dev@MIT.EDU
Date: Wed, 27 Nov 1996 19:12:46 EST
From: Erik Nygren <nygren@MIT.EDU>
This works against the login program in Linux-Athena (RedHat 4.0.0).
It should probably get fixed.
------- Forwarded Message
From: marekm@i17linuxb.ists.pwr.wroc.pl (Marek Michalkiewicz)
To: linux-security@redhat.com
Date: Wed, 27 Nov 1996 21:09:08 +0100 (MET)
Cc: johnsonm@redhat.com
Subject: [linux-security] Re: Re: denial of service attack on login
Chris Adams:
> > joe$ nvi /var/log/wtmp
> >
> > [ Now no-one else can log in ]
>
> This doesn't seem to happen on my system - RedHat 3.0.3 + shadow
> passwords. My /bin/login comes from shadow-960810-1. Maybe the
> shadow password suite doesn't try to lock wtmp?
Yes. It shouldn't be necessary - the O_APPEND open() flag should be
enough to guarantee atomic writes at end of file (it's a kernel bug
if it doesn't). Original *BSD login sources don't lock wtmp either,
but util-linux does. Perhaps O_APPEND didn't work right on old
kernels? Remember util-linux login was ported to Linux 0.12 :-).
Marek
------- End of Forwarded Message
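
The O_APPEND behaviour discussed in the forwarded message, as an added example that is not part of the original thread or of any login source: several processes append fixed-size records to one file without taking a lock, and the file is then re-read to confirm that no record was lost or overwritten. The `struct rec` layout, the function names and the file path are constructed for illustration, and a local filesystem is assumed.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

enum { WRITERS = 4, PER_WRITER = 200 };
/* Constructed stand-in for a fixed-size wtmp entry (not the real struct utmp). */
struct rec { int writer; int seq; char pad[56]; };

/* Append one record with no lock; O_APPEND makes seek-to-end plus write one step. */
static int append_rec(const char *path, const struct rec *r)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT, 0644);
    if (fd < 0) return -1;
    ssize_t n = write(fd, r, sizeof *r);
    close(fd);
    return n == (ssize_t)sizeof *r ? 0 : -1;
}

/* Run concurrent appenders, re-read the file; returns intact record count or -1. */
int run_demo(const char *path)
{
    int status, failed = 0, count = 0, next[WRITERS] = {0};
    struct rec r;
    unlink(path);
    for (int w = 0; w < WRITERS; w++) {
        pid_t pid = fork();
        if (pid < 0) return -1;
        if (pid != 0) continue;                 /* parent: start next writer */
        memset(&r, 'A' + w, sizeof r);          /* child: recognisable fill */
        r.writer = w;
        for (r.seq = 0; r.seq < PER_WRITER; r.seq++)
            if (append_rec(path, &r) != 0) _exit(1);
        _exit(0);
    }
    while (wait(&status) > 0)
        if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) failed = 1;
    FILE *f = failed ? NULL : fopen(path, "rb");
    if (!f) return -1;
    while (fread(&r, sizeof r, 1, f) == 1) {
        if (r.writer < 0 || r.writer >= WRITERS || r.pad[55] != 'A' + r.writer
            || r.seq != next[r.writer]++) { count = -1; break; }
        count++;
    }
    fclose(f);
    unlink(path);
    return count;
}
int main(void) { printf("%d intact records\n", run_demo("/tmp/wtmp_append_demo.bin")); return 0; }
```

Because the writer never requests a lock, another process holding a lock on the file cannot make it block.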