Subject: Re: lib/18229: spontaneous getlogin() corruption
To: None <netbsd-bugs@netbsd.org>
From: David Laight <david@l8s.co.uk>
List: netbsd-bugs
Date: 09/08/2002 10:44:41
> >Synopsis: getlogin() suddenly returns a different username
> We first noticed it when mail from /usr/sbin/cron identified itself
> as being from another user. When we restarted cron the problem
> went away, but later that week it recurred when a host was rebooted.

A quick squint into cron/do_command.c shows (line 200):

        if (setlogin(usernm) < 0)
                syslog(LOG_ERR, "setlogin() failure: %m");
        /* get new pgrp, void tty, etc. */
        (void) setsid();

These two operations are clearly the wrong way around.
The 'atrun' code seems to do the same.
ftpd is also broken, connect in with ftp then do:

        ps -ax -Ologname | grep ftpd

note who it belongs to!
rexecd, rshd and uucpd probably also affect inetd.
I'm not sure about login.c...
Nor sendmail...
setlogin() is also called from:
        crypto/dist/heimdal/appl/login/login.c
        crypto/dist/heimdal/appl/rsh/rshd.c
        crypto/dist/krb4/appl/bsd/login.c
        crypto/dist/krb4/appl/bsd/rshd.c
All of which assume they are already in a session.
        crypto/dist/ssh/session.c
calls setsid() first...
        crypto/dist/ssh/sshd.c
calls setsid() with a comment about needing it because of the way
BSD setlogin() works.
Calls to setusercontext can also set logname, but I think they are
all ok or in the same programs.
Maybe a kernel diagnostic to output a warning if the logname
is changed (once set for that session) by someone other than the
session leader?
David
--
David Laight: david@l8s.co.uk
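
Added example, not part of the original message and not NetBSD source: BSD setlogin() sets the login name of the caller's session, so this C program forks a child, shows that the child still shares the parent's session until setsid() returns, and only then calls setlogin(). The names probe_session and struct session_report and the login name "nobody" are assumptions made for the illustration; setlogin() is compiled only on the BSDs and needs superuser rights there.

```c
#include <sys/types.h>
#include <sys/wait.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper type: what a forked child saw about its session. */
struct session_report {
    int shared_before; /* 1: before setsid() the child sits in the parent's session */
    int own_after;     /* 1: after setsid() the child leads its own session */
    int login_rc;      /* setlogin() result; 1 means the call was not compiled in */
};

/* Fork a child that calls setsid() first and setlogin() second, then reports. */
int probe_session(const char *name, struct session_report *out)
{
    int fds[2];
    pid_t parent_sid = getsid(0);
    if (pipe(fds) < 0)
        return -1;
    pid_t pid = fork();
    if (pid == 0) {
        struct session_report r = { getsid(0) == parent_sid, 0, 1 };
        /* A setlogin() at this point would rename the parent's session. */
        if (setsid() != (pid_t)-1)
            r.own_after = (getsid(0) == getpid());
#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__)
        if (r.own_after)
            r.login_rc = setlogin(name); /* superuser only, -1 otherwise */
#else
        (void)name; /* setlogin() is only compiled in on the BSDs */
#endif
        _exit(write(fds[1], &r, sizeof r) == (ssize_t)sizeof r ? 0 : 1);
    }
    close(fds[1]);
    ssize_t n = pid < 0 ? -1 : read(fds[0], out, sizeof *out);
    close(fds[0]);
    if (pid > 0)
        waitpid(pid, NULL, 0);
    return n == (ssize_t)sizeof *out ? 0 : -1;
}

int main(void)
{
    struct session_report r;
    if (probe_session("nobody", &r) != 0) /* "nobody" is a constructed sample name */
        return 1;
    printf("shared_before=%d own_after=%d rc=%d\n", r.shared_before, r.own_after, r.login_rc);
    return 0;
}
```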