From owner-freebsd-security Tue Nov 14 06:02:13 1995 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id GAA00255 for security-outgoing; Tue, 14 Nov 1995 06:02:13 -0800 Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.freebsd.org (8.6.12/8.6.6) with SMTP id GAA00227 ; Tue, 14 Nov 1995 06:01:44 -0800 Received: by sequent.kiae.su id AA03158 (5.65.kiae-2 ); Tue, 14 Nov 1995 16:56:21 +0300 Received: by sequent.KIAE.su (UUMAIL/2.0); Tue, 14 Nov 95 16:56:20 +0300 Received: (from ache@localhost) by ache.dialup.demos.ru (8.6.12/8.6.12) id QAA00287; Tue, 14 Nov 1995 16:53:48 +0300 To: davidg@Root.COM Cc: committers@freebsd.org, peter@freebsd.org, security@freebsd.org References: <199511131630.IAA04150@corbin.Root.COM> In-Reply-To: <199511131630.IAA04150@corbin.Root.COM>; from David Greenman at Mon, 13 Nov 1995 08:30:52 -0800 Message-Id: Organization: Olahm Ha-Yetzirah Date: Tue, 14 Nov 1995 16:53:47 +0300 (MSK) X-Mailer: Mail/@ [v2.40 FreeBSD] From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) X-Class: Fast Subject: Re: cvs commit: CVSROOT log_accum.pl Lines: 33 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Length: 1551 Sender: owner-security@freebsd.org Precedence: bulk In message <199511131630.IAA04150@corbin.Root.COM> David Greenman writes: >>>>Peter, do you have any progress in this issue for now? >>>>Maybe it is time to commit my fix to -current? >> >>> If we decide to change setlogin() so that it only works for session >>>leaders, then I'd prefer that we leave out the printf(). If you want to add >>>that to your own sources, fine, but I prefer to keep console noise minimized >>>to important failures. >> >>Of course. Printf introduced by Peter, I mean "return (EPERM);" here >>not a printf. I refer on my original fix and not to quoted variant >>from Peter. Setlogin must affect only _current_ session as clearly >>said in manpage (and from common sense), so no doubts here. > The current behavior is not inconsistent with the manual page. It says >nothing about a requirement that the session *leader* must be the caller, >only that it affects the current session. Yes, but if it isn't leader, it affects *all* sessions, not current one only, it is main bug. As manpage additionly says, it happens "only when new session is being created", it assumes session leader too. I think we need to ask someone from BSD group, what they keep in mind exactly on this thing. Can you contact such person, please? -- Andrey A. Chernov : And I rest so composedly, /Now, in my bed, ache@astral.msk.su : That any beholder /Might fancy me dead - http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead. RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849