From owner-freebsd-bugs Mon Dec 28 22:36:50 1998
Date: Tue, 29 Dec 1998 00:36:12 -0600 (CST)
From: "Jasper O'Malley"
To: Peter Wemm
cc: freebsd-bugs@FreeBSD.ORG
Subject: Re: bin/9226: telnetd can log wrong IP address to utmp
In-Reply-To: <199812290602.OAA71312@spinner.netplex.com.au>

On Tue, 29 Dec 1998, Peter Wemm wrote:

> Without having looked at the code, I suspect telnetd suffers the same
> problem as rlogind/rshd used to (until I fixed them a week or so ago).
> Even with your patch, telnetd will log a forged hostname if it's shorter
> than 16 chars.

Absolutely true. I've got a patch to make telnetd feed IP addresses
exclusively to "login -h", but I imagine I'd have a harder time getting
that one committed.

> What would be better would be to reverse lookup the name and check for
> validity before passing it on or using it in any logs anywhere.

Ayup.

> Yes, this is a pest if a machine has just exploded its named, but I'd
> rather have hostnames/ip addresses in the logs that I can trust.

I'm not a big fan of denying access for what might be transient DNS
failures...as long as the "validation" involved falling back to logging
the IP address from the socket object, with the *option* of booting
people with mismatched hostname/address pairs, I'm game.

> Re: utmp/wtmp format.. We've already changed the username length from 8
> to 16 chars, which is different to 2.x. We could change the hostname to
> 32 and would then be compatible with BSD/OS's utmp format.

I once saw a suggestion on a NetBSD mailing list to make ut_host
variable-length (up to MAXHOSTNAMELEN) that I thought was pretty neat. And
the old Linux utaddr field isn't a bad idea, either.

Cheers,
Mick

The Reverend Jasper P. O'Malley          dotdot:jooji@webnology.com
Systems Administrator                    ringring:asktheadmiral
Webnology, LLC                           woowoo:http://www.webnology.com/~jooji
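
The policy discussed in this message (use the reverse-lookup name only when it resolves forward to the socket's address, fall back to the IP on lookup failure, optionally refuse a definite mismatch) can be sketched as below. This is an added example, not code from the thread or from FreeBSD's telnetd; `choose_log_host`, its parameters and the sample hosts are hypothetical, and the caller is assumed to have already done the PTR and forward lookups.

```c
#include <stdio.h>
#include <string.h>

enum verdict { LOG_NAME, LOG_ADDR, REJECT };

/* peer: numeric address from the socket (the only trusted input).
 * ptr_name: result of the reverse lookup, NULL if it failed.
 * fwd/nfwd: numeric addresses from resolving ptr_name forward (0 on failure).
 * strict: nonzero to refuse a name that resolves, but not back to peer.
 * fieldsz: width of the log field (ut_host was 16 in the thread).
 * Addresses are compared as canonical numeric strings for brevity; real
 * code would compare the binary sockaddr contents. */
enum verdict choose_log_host(const char *peer, const char *ptr_name,
                             const char *const *fwd, size_t nfwd, int strict,
                             size_t fieldsz, char *out, size_t outlen)
{
    int confirmed = 0;
    for (size_t i = 0; ptr_name != NULL && i < nfwd; i++)
        if (strcmp(fwd[i], peer) == 0)
            confirmed = 1;

    /* Whatever happens, default to the socket address. */
    snprintf(out, outlen, "%s", peer);

    /* Definite mismatch (not a lookup failure): optionally drop the peer. */
    if (ptr_name != NULL && nfwd > 0 && !confirmed)
        return strict ? REJECT : LOG_ADDR;

    /* Lookup failure, or a name too long to store untruncated: keep the IP. */
    if (!confirmed || strlen(ptr_name) > fieldsz)
        return LOG_ADDR;

    snprintf(out, outlen, "%s", ptr_name);
    return LOG_NAME;
}

/* Constructed sample data (documentation address ranges). */
static const char *const fwd_match[] = { "192.0.2.10" };
static const char *const fwd_other[] = { "198.51.100.7" };
static char logbuf[64];

int main(void)
{
    choose_log_host("192.0.2.10", "gw.example.org", fwd_match, 1, 1, 16, logbuf, sizeof logbuf);
    printf("confirmed: %s\n", logbuf);
    choose_log_host("192.0.2.10", "trusted.example", fwd_other, 1, 0, 16, logbuf, sizeof logbuf);
    printf("forged PTR: %s\n", logbuf);
    return 0;
}
```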