From owner-freebsd-security Sat Sep 22 1:43:48 2001 Delivered-To: freebsd-security@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id A826337B411 for ; Sat, 22 Sep 2001 01:43:44 -0700 (PDT) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id f8M8hQ481086; Sat, 22 Sep 2001 12:43:26 +0400 (MSD) (envelope-from ache) Date: Sat, 22 Sep 2001 12:43:26 +0400 From: "Andrey A. Chernov" To: Marc Rogers Cc: Peter Pentchev , Rob Andrews , FreeBSD-Security@FreeBSD.ORG Subject: Re: login_conf vulnerability. Message-ID: <20010922124326.A81031@nagual.pp.ru> References: <20010921124410.D99287@shady.org> <20010921154834.B619@ringworld.oblivion.bg> <20010921075540.B71120@switchblade.cyberpunkz.org> <20010921160243.C619@ringworld.oblivion.bg> <20010921141937.N99287@shady.org> <20010921173502.A62350@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010921173502.A62350@nagual.pp.ru> User-Agent: Mutt/1.3.21i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Sep 21, 2001 at 17:35:03 +0400, Andrey A. Chernov wrote: > On Fri, Sep 21, 2001 at 14:19:37 +0100, Marc Rogers wrote: > > > > :copyright=/etc/master.passwd: > > It is SSH+LOGIN_CAP integration bug. SSH should call setusercontext() > before accessing "copyright" and "welcome" properties, as /usr/bin/login > does. Giving more details, copyright and motd printing code must be moved from do_login() to do_child(), after setusercontext() /session.c file/ It seems the patch will be easy, maybe I'll come with some variant. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message