From owner-freebsd-arch Wed Jul 25 15:15: 2 2001 Delivered-To: freebsd-arch@freebsd.org Received: from purgatory.unfix.org (purgatory.xs4all.nl [194.109.237.229]) by hub.freebsd.org (Postfix) with ESMTP id AB1A137B406; Wed, 25 Jul 2001 15:14:51 -0700 (PDT) (envelope-from jeroen@unfix.org) Received: from HELL (hell.unfix.org [::ffff:10.100.13.66]) by purgatory.unfix.org (Postfix) with ESMTP id 260433146; Thu, 26 Jul 2001 00:14:47 +0200 (CEST) From: "Jeroen Massar" To: "'Peter C. Lai'" , "'Garance A Drosihn'" Cc: "'Matt Dillon'" , , "'Garrett Wollman'" , Subject: RE: Changes to utmp, wtmp & lastlog entries Date: Thu, 26 Jul 2001 00:14:31 +0200 Organization: Unfix Message-ID: <000701c11557$2e9e7840$420d640a@HELL> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 In-Reply-To: <20010725193515.16583.qmail@d170h113.resnet.uconn.edu> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Importance: Normal Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Peter C. Lai wrote: > > This is a spin-off of the thread in -security about: > > bin/22595: telnetd tricked into using arbitrary peer ip > > http://www.FreeBSD.org/cgi/query-pr.cgi?pr=22595 > > > > > > At 10:07 AM -0700 7/23/01, Matt Dillon wrote: > >> Garrett Wollman wrote: > >> :< >> :> Garrett Wollman wrote: > >> :> : SVR4 has an API. This API is standardized as a part of > >> :> : the Austin Group process. > >> : > >> :> Fine.. then if you want to get all the third party program > >> :> authors to use a magic API, be my guest. > >> : > >> : If they run on Solaris -- which most of them do -- then > they already > >> : do. Nice try, Matt, but far off the mark. > >> : > >> :-GAWollman > >> > >> Really.. Lets see. wu-ftpd... nope. proftpd... nope. Want me > >> to continue? > > > > Still... If there *is* an API which would be common to both Solaris > > and FreeBSD, then it should be much easier to get > third-party program > > authors to accept changes to use that API. What I've suggested on the security@ list was: Make a nice API which will wrap all this stuff up for good: - This API will log in a different file then wtmp/utmp/lastlog. - A program is free to use the API or not, though it is encouraged too (and basically the author of the program would be kinda stupid not to :) - API using programs can only "write" to the new API camouflaged system (be it a SQL database, a flat file whatever, the app won't see it). - The "old" utmp/wtmp/lastlog is wrapped in the API whenever something is queried... so... API using programs query for the last accounts used for logging in... The API then sees "hey we still use the old utmp/wtmp/lastlog stuff" and reads entries from there in addition to from it's own db/file whatever. The API should simply eat strings of undefined length or spit strings with predefined buffer lengths: Putlastlog(char *accountname, char *hostaddress, int af_type); Getlastlog(char *accountname, char *hostaddress, int *af_type, int acct_len, int host_len); Tada all problems solved.... And we could get more evil to have a small program in cron or something merge the "old" utmp/wtmp/lastlog stuff into the new API enabled form. And throw away the old entries. This could be done verywell as there are only a few programs 'relying' on reading from the files (eg w/who :). Another nice thing to do would be to make the API convinient to be used on other platforms, thus make a "old wrapper only" version which writes directly into utmp/wtmp/lastlog. This way programmers of the client apps are easier to be encouraged to use it, as they can simply use the wrapper on platforms which don't have the real API backend we want to have. Wrap the wrappers and make it all happy for yourself :) Greets, Jeroen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message