Subject: Re: PRs 30923 and 31059
To: None <tech-security@NetBSD.org>
From: Bernd Ernesti <netbsd@lists.veego.de>
List: tech-security
Date: 02/08/2006 20:09:07

On Wed, Feb 08, 2006 at 08:41:36PM +0200, Elad Efrat wrote:
> Bernd Ernesti wrote:
[code with login.c removed in the last mail]

> > Removing that output would confuse new users who try to log in via an insecure
> > terminal (telnet) and don't understand why they would get a Login incorrect.

I see the problem after I looked at 31059.
IMHO we should change the code and the message in the case of a uid 0 login too.
	Login incorrect or refused on this terminal.

See attached patch.
Hmm, there is one problem if there are multiple users with the uid 0.
Someone could check for them with my patch.

> that should be a documentation fix ("I got a login incorrect, what could
> be the reasons?") I believe.

Where would you document that?
telnetd, login, ...?

That's why I want to change the code.

Bernd


[Attachment: 31059.patch]

? login.c-orig
Index: login.c
===================================================================
RCS file: /cvsroot/src/usr.bin/login/login.c,v
retrieving revision 1.84
diff -u -r1.84 login.c
--- login.c	29 Mar 2005 17:00:21 -0000	1.84
+++ login.c	8 Feb 2006 19:04:37 -0000
@@ -504,8 +504,7 @@
 		 */
 		if (pwd && !rval && rootlogin && !rootterm(tty)) {
 			(void)fprintf(stderr,
-			    "%s login refused on this terminal.\n",
-			    pwd->pw_name);
+			    "Login incorrect or refused on this terminal.\n");
 			if (hostname)
 				syslog(LOG_NOTICE,
 				    "LOGIN %s REFUSED FROM %s ON TTY %s",
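Review bot: the refusal text in this rootterm() branch is still written with fprintf(stderr, ...) while the generic "Login incorrect" in the next hunk goes through printf() to stdout, so the two cases remain distinguishable by output stream even though the wording is now aligned; use the same stream in both places. With pwd->pw_name dropped the format string has no conversion left, so "%s login refused on this terminal.\n" could become a plain fputs() of the new text; the syslog LOGIN ... REFUSED line just below keeps the per-account detail where it belongs.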
@@ -520,7 +519,12 @@
 		if (pwd && !rval)
 			break;
 
-		(void)printf("Login incorrect\n");
+		if (rootlogin == 1) {
+			(void)printf(
+			    "Login incorrect or refused on this terminal.\n");
+		} else {
+			(void)printf("Login incorrect\n");
+		}
 		failures++;
 		cnt++;
 		/* we allow 10 tries, but after 3 we start backing off */
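Review bot: the `if (rootlogin == 1)` branch prints a different message for every failed attempt against a name that resolves to uid 0, even on a secure terminal where nothing is refused, so an unauthenticated caller can tell uid-0 accounts from all other names; this is the multiple-uid-0 enumeration problem the cover mail raises. If the longer text is wanted as a hint for telnet users, print it for every failure instead, replacing the whole if/else with a single `(void)printf("Login incorrect or refused on this terminal.\n");`. Minor: the first hunk tests `rootlogin` as a boolean (`rootlogin && !rootterm(tty)`), so `if (rootlogin)` would be consistent here.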

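The enumeration concern raised in the mail (a failure message that differs for uid-0 names lets anyone list those accounts without a password) can be checked in a small model. The following is an added example, not code from login.c or from the attached patch; its passwd table, passwords, candidate usernames and the PER_ACCOUNT/UNIFORM policy names are constructed for the illustration, and `secure_tty` stands in for rootterm().

```c
/*
 * Added example, not code from login.c or from the attached patch.
 * It models the failure-message logic so the enumeration concern can be
 * exercised: the passwd table, passwords and candidate names are constructed.
 */
#include <stdio.h>
#include <string.h>

struct fake_pw {                 /* stand-in for struct passwd */
    const char *name;
    const char *passwd;          /* plaintext only because this is a model */
    int uid;
};

/* constructed account table; two uid-0 entries, as in the mail's concern */
static const struct fake_pw table[] = {
    { "root",  "rootpw",  0 },
    { "toor",  "toorpw",  0 },
    { "alice", "alicepw", 1000 },
};

/* PER_ACCOUNT: the patch's behaviour, longer text whenever the name is uid 0.
 * UNIFORM: one fixed text for every failure, whoever was named. */
enum policy { PER_ACCOUNT, UNIFORM };

#define MSG_INCORRECT "Login incorrect"
#define MSG_REFUSED   "Login incorrect or refused on this terminal."

static const struct fake_pw *lookup(const char *user)
{
    size_t i;
    for (i = 0; i < sizeof table / sizeof table[0]; i++)
        if (strcmp(table[i].name, user) == 0)
            return &table[i];
    return NULL;
}

/*
 * Message printed for one attempt, or NULL when the login succeeds.
 * secure_tty plays the role of rootterm(tty): a uid-0 account with the
 * right password is still refused on an insecure terminal.
 */
const char *failure_message(const char *user, const char *pass,
                            int secure_tty, enum policy pol)
{
    const struct fake_pw *pw = lookup(user);
    int rootlogin = pw != NULL && pw->uid == 0;
    int authed = pw != NULL && strcmp(pw->passwd, pass) == 0;

    if (authed && (!rootlogin || secure_tty))
        return NULL;
    if (pol == UNIFORM)
        return MSG_REFUSED;
    return rootlogin ? MSG_REFUSED : MSG_INCORRECT;
}

/*
 * Attacker's view, no password known: probe a name that cannot exist to learn
 * the generic text, then flag every candidate whose text differs from it.
 * Returns the number flagged and stores up to max_found of their names.
 */
int enumerate_uid0(const char *const *names, size_t n, enum policy pol,
                   const char **found, size_t max_found)
{
    const char *base = failure_message("nosuchuser", "x", 1, pol);
    int count = 0;
    size_t i;

    for (i = 0; i < n; i++) {
        const char *m = failure_message(names[i], "wrong-guess", 1, pol);
        if (m != NULL && strcmp(m, base) != 0) {
            if ((size_t)count < max_found)
                found[count] = names[i];
            count++;
        }
    }
    return count;
}

/* Number of names the message oracle exposes under a policy (constructed list). */
int demo_count(enum policy pol)
{
    static const char *const candidates[] = { "root", "alice", "toor", "bob" };
    const char *found[4];
    return enumerate_uid0(candidates, 4, pol, found, 4);
}

int main(void)
{
    static const char *const candidates[] = { "root", "alice", "toor", "bob" };
    const char *found[4];
    int n = enumerate_uid0(candidates, 4, PER_ACCOUNT, found, 4);
    int i;

    printf("patch behaviour exposes %d uid-0 name(s):", n);
    for (i = 0; i < n; i++)
        printf(" %s", found[i]);
    printf("\nuniform message exposes %d\n", demo_count(UNIFORM));
    return 0;
}
```

Under the PER_ACCOUNT policy the probe flags both root and toor from the message text alone; under UNIFORM every failure reads the same and nothing is flagged. The model only covers the wording: in the real patch the refusal path still differs in output stream (stderr versus stdout), which a uniform string does not address.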