Subject: Re: help fixing warnings from daily insecurity report
To: Russell McManus <russell_mcmanus@yahoo.com>
From: Greg A. Woods <woods@weird.com>
List: netbsd-users
Date: 01/18/2005 17:39:14
[ On Monday, January 17, 2005 at 12:02:28 (-0500), David Maxwell wrote: ]
> Subject: Re: help fixing warnings from daily insecurity report
>
> On Mon, 17 Jan 2005, Russell McManus wrote:
> > I'm getting messages like this from daily insecurity output:
> >
> > Checking the /etc/group file:
> > Group tinyproxy has more than 8 characters.
> > mtree: unknown user `smmsp'
> >
> > I installed www/tinyproxy which apparently created the tinyproxy user.
> > Now what?
>
> It's really just a warning. Since usernames <8 chars were the only
> format supported for a long time, it's possible that something in the
> system could be unhappy with >8 char usernames. I haven't seen any PRs
> on issues in some time though.
FYI the biggest issue on pre-2.x systems is /var/log/wtmp and
/var/run/utmp, since of course the length of the username they store is
only 8 characters.
The kernel limit for setlogin()/getlogin() has been 16 characters (from
MAXLOGNAME, now canonically LOGIN_NAME_MAX, which includes the
terminating NUL) since Dec. 1996 (1.3.x), and before that it was 12
characters (right back to 4.3 when I think setlogin() was first
introduced).
On my systems wtmp files are far more important for accounting purposes
and so I've reduced LOGIN_NAME_MAX back down to 9 and I enforce the same
limit everywhere else too so that I don't ever risk collisions in wtmp
data. However I do look forward to using wtmpx files instead when I can
increase LOGIN_NAME_MAX again to match UTX_USERSIZE!
Personally I've always thought the username length limit should have
been enforced by pwd_mkdb (i.e. during vipw) and I finally got around to
implementing it in my netbsd-1-6 tree:
Index: lib/libc/gen/pw_scan.c
===================================================================
RCS file: /cvs/master/m-NetBSD/main/src/lib/libc/gen/pw_scan.c,v
retrieving revision 1.11
diff -u -r1.11 pw_scan.c
--- lib/libc/gen/pw_scan.c 29 Jan 2002 10:20:30 -0000 1.11
+++ lib/libc/gen/pw_scan.c 5 Jan 2005 07:03:42 -0000
@@ -87,6 +119,11 @@
if (!(pw->pw_name = strsep(&bp, ":"))) /* login */
goto fmt;
+ if (strlen(pw->pw_name) > (LOGIN_NAME_MAX - 1)) {
+ if (!(inflags & _PASSWORD_NOWARN))
+ warnx("username too long, '%s' > %d", pw->pw_name, LOGIN_NAME_MAX - 1);
+ return (0);
+ }
root = !strcmp(pw->pw_name, "root");
if (!(pw->pw_passwd = strsep(&bp, ":"))) /* passwd */
--
Greg A. Woods
H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com> Secrets of the Weird <woods@weird.com>