From owner-freebsd-stable  Mon Aug 20 20:40:46 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from mail2.uniserve.com (mail2.uniserve.com [204.244.156.10])
	by hub.freebsd.org (Postfix) with ESMTP id 07BAA37B407
	for <stable@freebsd.org>; Mon, 20 Aug 2001 20:40:44 -0700 (PDT)
	(envelope-from tom@uniserve.com)
Received: from mail2.uniserve.com ([204.244.156.10])
	by mail2.uniserve.com with esmtp (Exim 3.13 #1)
	id 15Z2P7-000E2a-00; Mon, 20 Aug 2001 20:40:37 -0700
Date: Mon, 20 Aug 2001 20:40:37 -0700 (PDT)
From: Tom <tom@uniserve.com>
X-Sender: tom@athena.uniserve.ca
To: Eugene Grosbein <eugen@svzserv.kemerovo.su>
Cc: stable@freebsd.org
Subject: Re: stale entries in utmp (security issue?)
In-Reply-To: <3B81D71B.B099197F@svzserv.kemerovo.su>
Message-ID: <Pine.BSF.4.10.10108202039170.62960-100000@athena.uniserve.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG


On Tue, 21 Aug 2001, Eugene Grosbein wrote:

> Hi!
> 
> 1. login as root
> 2. type 'login -f username' when username is valid name of user that is
> not logged now
> 3. type 'logout'
> 4. Now you are root but command 'w' does not say so (security?)
> 5. type 'logout'
> 6. Now command 'w' says user 'username' is still logged but it has no
> processes.

  Since the root user can just delete the utmp file, there is not too much
to be done about this.  Some UNIX systems have gone to a utmp API and an
utmp server to maintain the logged in user state better.


Tom


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message