Date: Wed, 21 Oct 2015 09:57:55 -0700 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Jilles Tjoelker <jilles@stack.nl> Cc: freebsd-arch@FreeBSD.org Subject: Re: login -f changing session getlogin(2) Message-ID: <5627C413.1060106@FreeBSD.org> In-Reply-To: <20151003210857.GA57303@stack.nl> References: <560D826D.7000302@FreeBSD.org> <20151001203436.GA22737@stack.nl> <560DAD6D.7050007@FreeBSD.org> <20151003210857.GA57303@stack.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --7dRmrx1WmCiWEGLK9TlOpPXIeMgMgNaP6 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 10/3/2015 2:08 PM, Jilles Tjoelker wrote: > On Thu, Oct 01, 2015 at 03:02:21PM -0700, Bryan Drewery wrote: >> Can't we use something like forkpty(3) for the child to avoid the issu= es >> you mention? It calls setsid(2) via login_tty(3). >=20 > This would make sense for a special impersonation tool or for a paranoi= d > version of su, but not for a normal login. >=20 > You can do this right now using script(1), for example > script /dev/null login -f SOMEUSER >=20 Leaving this bug here in unacceptable to me. It is a clear POLA violation and is sternly documented in setlogin(2) as the wrong thing to = do. There seems to be unwillingness to discuss actual potential fixes. --=20 Regards, Bryan Drewery --7dRmrx1WmCiWEGLK9TlOpPXIeMgMgNaP6 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJWJ8QTAAoJEDXXcbtuRpfPbk4IANTuPCbZY++cxOr720kusB0J hh+rqtVDjC/fiqoNoJbL6SLFy+MUlcrRxoJe7pxlm2X337uUOTH2rTgLAzeTxmsR mbsR6xf5IPrPNFk8B7EZ73HTtrVgFDMw9cp3NGMKX+QYdDx0p9xKZRk9+Ln12ZPn 3cWEyP5QIKimH1Ibp8TxjGOME+4eyoQ+TXb9kLGOHalOh3HaHrQ34V62oGQhEfrg 97DjVLVNlvdCSLtXiA5RZJwBfd6wlMC+9R3nllxr/dB+TxoIjZR/6Eu5yZ56khH7 3BUl+ZA7QguDIlglGv0hHh8cCanezdOai6+tqxIveHx60JcHzyf+JjU+cnGFzvk= =f7jL -----END PGP SIGNATURE----- --7dRmrx1WmCiWEGLK9TlOpPXIeMgMgNaP6--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5627C413.1060106>