Subject: Re: Re: lib/30923
To: John Nemeth <firstname.lastname@example.org>
From: Rui Paulo <rpaulo@NetBSD.org>
Date: 08/25/2005 03:10:55
On 2005.08.24 18:36:40 +0000, John Nemeth wrote:
| On Jan 14, 8:57pm, Rui Paulo wrote:
| } On 2005.08.24 17:39:34 +0000, John Nemeth wrote:
| } | On Jan 14, 8:01pm, Rui Paulo wrote:
| } | } On 2005.08.24 14:44:20 +0000, John Nemeth wrote:
| } | } | That would be a significantly more complex patch. If I get =
| } | } | I may dig into login.c a little deeper and figure out how to do t=
| } | } | However, I wonder if it is worth it, considering that this will s=
| } | } | legacy code?
| } | }
| } | } Why will it be soon "legacy code"?
| } |
| } | That might be a little strong. However, consider that 3.0 will
| } | most likely be out sometime this year. 3.0 onwards will use PAM which
| } | does authentication completely differently. Take a look in
| } | src/usr.bin/login. There you will see login.c and login_pam.c.
| } | login.c handles traditional methods, i.e. 2.x and earlier (also, if y=
| } | do a custom build without PAM). login_pam.c handles PAM, i.e. 3.0 and
| } | onwards.
| } I see your point.
| } | BTW, I see that you have a NetBSD.org address. Could you commit
| } | these patches? Or, is monkeying with security related stuff too far
| } | outside the areas that you normally work on?
| } Which patches? I still believe we need another way of handling this.
| } login.conf is an idea; anyone else want to comment on that?
| I provided patches for both login.c and login_pam.c to stop login
| from giving different messages for correct and incorrect passwords when
| logging in as root on an insecure terminal. Both patches are floating
| around in this thread.
Yes, but they just change a printf message IIRC.
| Now that I think about it, I don't think login.conf should be
| involved in any of this. The secure flag in /etc/ttys determines if
| one should be allowed to login as root on a given terminal. Or, do you
| want to use login.conf to dictate if a different message should be
| displayed for the cases of correct and incorrect password? I really
| don't think this is necessary.
I think the thread was all about the output message and the "secure" point
of view of it. While I don't care much about the message printed, someone
may want that as an option.
-- Rui Paulo
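Added example, not part of the original message and not NetBSD's login code: a C sketch of the behaviour discussed in the thread, where root on a terminal without the secure flag sees a different message for a correct password than for an incorrect one, next to a variant that answers uniformly. The sample ttys lines, message strings and function names are constructed for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in ttys(5) style; not taken from a real system. */
static const char *SAMPLE_TTYS[] = {
    "console \"/usr/libexec/getty Pc\" vt100 on secure",
    "ttyp0 none network",
    NULL
};
/* Placeholder messages (assumption), not the strings login prints. */
#define MSG_OK      "login ok"
#define MSG_FAIL    "Login incorrect"
#define MSG_REFUSED "root login refused on this terminal"

/* Simplified lookup: true if the entry for `tty` carries a "secure" token.
 * Real code would call getttynam(3) and test TTY_SECURE in ty_status. */
static bool tty_is_secure(const char *tty) {
    for (int i = 0; SAMPLE_TTYS[i] != NULL; i++) {
        const char *p = SAMPLE_TTYS[i];
        size_t n = strcspn(p, " \t");               /* length of tty name */
        if (n != strlen(tty) || strncmp(p, tty, n) != 0)
            continue;
        for (p += n; *p != '\0'; p += n) {          /* walk remaining tokens */
            p += strspn(p, " \t");
            n = strcspn(p, " \t");
            if (n == 6 && strncmp(p, "secure", 6) == 0)
                return true;
        }
        return false;
    }
    return false;                                   /* unknown tty: insecure */
}
/* Leaky: the refusal is reached only after the password checks out, so an
 * insecure terminal confirms a correct root password to whoever is typing. */
static const char *login_leaky(const char *user, const char *tty, bool pw_ok) {
    if (!pw_ok) return MSG_FAIL;
    if (strcmp(user, "root") == 0 && !tty_is_secure(tty)) return MSG_REFUSED;
    return MSG_OK;
}
/* Uniform: a refused root login is indistinguishable from a wrong password. */
static const char *login_uniform(const char *user, const char *tty, bool pw_ok) {
    bool refused = strcmp(user, "root") == 0 && !tty_is_secure(tty);
    return (!pw_ok || refused) ? MSG_FAIL : MSG_OK;
}
int main(void) {
    printf("leaky:   good=\"%s\" bad=\"%s\"\n",
           login_leaky("root", "ttyp0", true), login_leaky("root", "ttyp0", false));
    printf("uniform: good=\"%s\" bad=\"%s\"\n",
           login_uniform("root", "ttyp0", true), login_uniform("root", "ttyp0", false));
    return 0;
}
```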