Subject: Re: $HOSTALIASES thing.
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.ORG>
From: None <email@example.com>
Date: 11/04/2000 19:09:20
>> I have the same question. How does the daemon authenticate the
>> guy who asked for wtmp/utmp writes?
>The first obvious check is (for a session start record) to ensure that
>the user owns the tty he's beginning his new session on. Some other
>sanity checks can be done to further enhance the reliability and
>integrity of this scheme too (such as checking that the user does not
>have write permission in /dev, etc.)
Still, a bad guy can write an application just for overflowing /var.
With a setuid'ed xterm, it is not really possible (the bad guy may be able to
start as many xterms as I can). I don't have the complete solution
anyway, but I think it is still better to use a setuid'ed xterm (of course,
xterm should drop setuid as early as possible).