Subject: Re: lib/18229: spontaneous getlogin() corruption
To: None <netbsd-bugs@netbsd.org>
From: David Laight <david@l8s.co.uk>
List: netbsd-bugs
Date: 09/08/2002 10:44:41
> >Synopsis:       getlogin() suddenly returns a different username

> We first noticed it when mail from /usr/sbin/cron identified itself
> as being from another user.  When we restarted cron the problem
> went away, but later that week it recurred when a host was rebooted.

A quick squint into cron/do_command.c shows (line 200):

                if (setlogin(usernm) < 0)
                        syslog(LOG_ERR, "setlogin() failure: %m");
                
                /* get new pgrp, void tty, etc.  */
                (void) setsid();

These two operations are clearly the wrong way around.

The 'atrun' code seems to do the same.

ftpd is also broken, connect in with ftp then do:
	ps -ax -Ologname | grep ftpd
note who it belongs to!

rexecd, rshd and uucpd probably also affect inetd.
I'm not sure about login.c...
Nor sendmail...

setlogin() is also called from:
    crypto/dist/heimdal/appl/login/login.c 
    crypto/dist/heimdal/appl/rsh/rshd.c
    crypto/dist/krb4/appl/bsd/login.c
    crypto/dist/krb4/appl/bsd/rshd.c
All of which assume they are already in a session.

crypto/dist/ssh/session.c
    calls setsid() first...
crypto/dist/ssh/sshd.c
    calls setsid() with a comment about needing it because of the way
    BSD setlogin() works.

Calls to setusercontext can also set logname, but I think they are
all ok or in the same programs.

Maybe a kernel diagnostic to output a warning if the logname
is changed (once set for that session) by someone other than the
session leader?


	David

-- 
David Laight: david@l8s.co.uk
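
Added example, not part of the message above and not NetBSD code: a small C model of why the call order matters, including the diagnostic the message proposes. It assumes the BSD behaviour that the login name is stored per session and that setsid() starts the new session with a copy of the old name; the structs, the pids, the user "alice" and the login_set flag are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Constructed model: the login name belongs to the session, not the process. */
struct session { char login[17]; int leader; int login_set; };
struct proc    { int pid; struct session *sess; };
static struct session sessions[4];
static int nsessions, warnings;

/* setsid(): caller leads a new session that starts with a copy of the old name. */
static void model_setsid(struct proc *p) {
    struct session *s = &sessions[nsessions++];
    *s = *p->sess;
    s->leader = p->pid;
    s->login_set = 0;            /* model choice: name not yet set by the new leader */
    p->sess = s;
}

/* setlogin(): rewrites the name for every process in the caller's session. */
static void model_setlogin(struct proc *p, const char *name) {
    struct session *s = p->sess;
    if (s->login_set && p->pid != s->leader)
        warnings++;              /* the diagnostic proposed in the message */
    snprintf(s->login, sizeof s->login, "%s", name);
    s->login_set = 1;
}

/* Run one job for "alice"; return the daemon's login name afterwards. */
static const char *run_job(int setsid_first, int *warned) {
    nsessions = 1; warnings = 0;
    sessions[0] = (struct session){ "root", 100, 1 };   /* daemon, pid 100 */
    struct proc child = { 101, &sessions[0] };           /* forked child */
    if (setsid_first) {
        model_setsid(&child);
        model_setlogin(&child, "alice");
    } else {                     /* order quoted from cron/do_command.c */
        model_setlogin(&child, "alice");
        model_setsid(&child);
    }
    *warned = warnings;
    return sessions[0].login;
}

int main(void) {
    int w;
    const char *name = run_job(0, &w);
    printf("setlogin, setsid: daemon logname=%s warnings=%d\n", name, w);
    name = run_job(1, &w);
    printf("setsid, setlogin: daemon logname=%s warnings=%d\n", name, w);
    return 0;
}
```

With setlogin() first the daemon's own session is renamed and the diagnostic counts one hit; with setsid() first the daemon keeps its name and nothing is flagged.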