From owner-freebsd-security  Thu Feb 26 00:16:06 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA12292
          for freebsd-security-outgoing; Thu, 26 Feb 1998 00:16:06 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from door.sniff.ct-net.de (door.sniff.ct-net.de [195.4.160.35])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA12285
          for <freebsd-security@freebsd.org>; Thu, 26 Feb 1998 00:16:03 -0800 (PST)
          (envelope-from marc@sniff.ct-net.de)
From: marc@sniff.ct-net.de
Received: (from uucp@localhost)
	by door.sniff.ct-net.de (8.8.7/8.8.7/mb-b) with UUCP id IAA02361
	for freebsd-security@freebsd.org; Thu, 26 Feb 1998 08:15:43 GMT
Received: (from marc@localhost)
	by home.sniff.ct-net.de (8.8.7/8.8.7/mb-b) id IAA01580
	for freebsd-security@freebsd.org; Thu, 26 Feb 1998 08:14:38 GMT
Message-Id: <199802260814.IAA01580@home.sniff.ct-net.de>
Subject: login.access weakness
To: freebsd-security@FreeBSD.ORG (FreeBSD Security List)
Date: Thu, 26 Feb 1998 08:14:37 +0000 (GMT)
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

Hello!

(Never heard of this, so it should be new?)
On a 2.2.2 box I found the following behaviour which I think
is a bug:

in /etc/login.access

-:testuser: ALL EXCEPT ttyv0 ttyv1 ttyv2 ttyv3 ttyv4 ttyv5 ttyv6 ttyv7

and in 192.168.254.zone

10         IN PTR        ttyv7.

(192.168.254.x is the private address space I use for my small
 test-network. The file 192.168.254.zone is the reverse-mapping
 for the DNS bind)

I expected the login.access line to prevent any login from the
net. This works for a telnet from a system with e.g. 192.168.254.2.
But from a computer with the IP address 192.168.254.10 one is able
to login into testuser.

Can anyone else confirm this? Is this a bug or did I do a mistake?
The login process should look for at least do.main, right?
Or is there anyone out in the internet with a toplevel hostname? ;)

Regards, Marc
-- 
Marc Binderberger                                 97076 Wuerzburg, Germany
marc@sniff.ct-net.de                              Powered by FreeBSD ;-)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message