From: Андрей Чернов (aka Andrey A. Chernov, Black Mage)
To: Peter Wemm
Cc: CVS-commiters@freefall.freebsd.org, security@freebsd.org
In-Reply-To: ; from Peter Wemm at Thu, 2 Nov 1995 21:54:51 +0800 (WST)
Organization: Olahm Ha-Yetzirah
Date: Fri, 3 Nov 1995 16:03:36 +0300 (MSK)
Subject: Re: cvs commit: CVSROOT log_accum.pl
Sender: owner-security@freebsd.org

In message Peter Wemm writes:

>On Thu, 2 Nov 1995, Андрей Чернов wrote:
>> In message
>> Peter Wemm writes:
>>
>> >Maybe the setlogin() call should only work for processes that are the
>> >session leader rather than just "one of many in the session"?
>>
>> It is definitely so, and check for session leader must be added
>> to setlogin syscall.
>> Even manpage says that setlogin affects only _current_ session.
>>
>> Proposed fix:
>>
>> *** kern_prot.c.bak Thu Nov 2 16:05:11 1995 >> --- kern_prot.c Thu Nov 2 16:08:29 1995 >> *************** >> *** 623,628 **** >> --- 623,630 ---- >> { >> int error; >> >> + if (!SESS_LEADER(p)) >> + return (EPERM); >> if ((error = suser(p->p_ucred, &p->p_acflag))) >> return (error); >> error = copyinstr((caddr_t) uap->namebuf,

>This is a pretty brutal fix.. :-) I think we'd better check what's going
>to break first before we do this. inetd will need to be modified first
>and installed before the kernel is patched or all hell could break loose.

Well, here is the list of programs which call setlogin:

init
rexecd
rshd
login

After your inetd fix what else can be affected by my patch?

Setlogin isn't supposed to do group operations, i.e. mass login id changes,
and must affect only the current session.
It must be applied in any case, independently of what can be affected,
according to the manpage (and common sense too).
Moreover, when it is applied, it will be easy to find what is
affected and fix it.

--
Andrey A. Chernov        : And I rest so composedly, /Now, in my bed,
ache@astral.msk.su       : That any beholder /Might fancy me dead -
http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead.
RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
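
Review bot: The added SESS_LEADER(p) test at the top of the function has no comment explaining why a non-leader is refused, and it returns EPERM before the suser() check runs, so a caller cannot tell "not session leader" from any other permission failure reported through the same path. Suggest a one-line comment above the test stating that setlogin() applies to the current session and is therefore restricted to its leader, and documenting the new EPERM condition in the setlogin manpage alongside the change. Since the thread names init, rexecd, rshd and login as callers and notes that inetd must be modified first, each of those should be confirmed to be session leader at the point it calls setlogin() before this goes in.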