Subject: Re: $HOSTALIASES thing.
To: None <tech-kern@netbsd.org, tech-security@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: tech-kern
Date: 11/04/2000 02:45:58
[ On Saturday, November 4, 2000 at 16:00:53 (+0900), itojun@iijlab.net wrote: ]
> Subject: Re: $HOSTALIASES thing.
>
> i have the same question. how do the daemon authenticate the
> guy who asked for wtmp/utmp writes?
The first obvious check is (for a session start record) to ensure that
the user owns the tty he's beginning his new session on. Some other
sanity checks can be done to further enhance the reliability and
integrity of this scheme too (such as checking that the user does not
have write permission in /dev, etc.)
Authenticating a session-end record is more difficult but it might be
possible to arrange it such that the tty is changed to be owned by root
(or some neutral unprivileged user) once the user is logged out (perhaps
with ttyaction) and thus the xterm process still running as the user
could request a session end record be recorded and the daemon could
verify that the tty had been properly released. (This is much easier
with init and getty, of course, but for ptys it's currently
problematical, which is why I've decided that a kernel based pty cloning
scheme is a superior solution all around -- it solves several problems
all at once in a reasonably elegant fashion.)
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>