From owner-freebsd-bugs Wed Oct 10 13:20:06 2001
Date: Wed, 10 Oct 2001 13:20:04 -0700 (PDT)
Message-Id: <200110102020.f9AKK4s45230@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: David Malone
Subject: Re: misc/31204: FreeBSD login will display secure log notices before password is given
Reply-To: David Malone
Sender: owner-freebsd-bugs@FreeBSD.ORG

The following reply was made to PR misc/31204; it has been noted by GNATS.

From: David Malone
To: David Ljung Madison
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/31204: FreeBSD login will display secure log notices before password is given
Date: Wed, 10 Oct 2001 21:10:40 +0100

On Wed, Oct 10, 2001 at 12:05:36PM -0700, David Ljung Madison wrote:

> I was working on a friend's machine. If you try to login as root, you can see security warnings that only
> root should see before you ever enter your password. An obvious exploit would be to login to the machine, enter "root" at
> the login prompt, then sit back and watch security messages, which could
> be very useful to an attacker to learn about what kind of security the
> system has implemented

Are you sure you weren't seeing these messages because you were logging on to the system console? The default syslog.conf logs a selection of messages to the console, including the one for attempted root logins. Some of the more sensitive messages shouldn't be logged to the console.

If you weren't logging in at the console, were you using telnet, ssh or another method to log in?

	David.
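The reply above turns on whether the auth facility (which login(1) uses for its root-login and login-failure notices) is routed to /dev/console by syslog.conf. As an added example that is not part of the PR thread, the check below parses FreeBSD-style syslog.conf selectors with syslogd's left-to-right override rule and reports whether auth messages can reach the console; the two sample configs are constructed to resemble the default and a hardened variant, not copied from any FreeBSD release.

```python
"""Added example: does a FreeBSD-style syslog.conf send auth-facility messages
(login's root-login / login-failure notices) to /dev/console?
Both sample configs are constructed for this example (assumption: they are
modelled on the default layout, not copied from a real release)."""

# Constructed sample resembling the default console line the reply refers to.
DEFAULT_LIKE_CONF = """\
# constructed sample syslog.conf
*.err;kern.debug;auth.notice;mail.crit\t\t/dev/console
*.notice;kern.debug;lpr.info;mail.crit;news.err\t/var/log/messages
security.*\t\t\t\t\t/var/log/security
*.emerg\t\t\t\t\t\t*
"""

# Constructed hardened variant: auth/authpriv are deselected from the console
# with '.none' and sent to a root-readable file instead.
HARDENED_CONF = """\
*.err;kern.debug;mail.crit;auth.none;authpriv.none\t/dev/console
auth.info;authpriv.info\t\t\t\t/var/log/auth.log
*.emerg\t\t\t\t\t\t*
"""

AUTH_FACILITIES = ("auth", "authpriv")


def selects_auth(selector):
    """True if a selector list (the part before the action) selects an auth
    facility at any level. syslogd applies selectors left to right: a later
    'fac.level' overrides an earlier one for that facility, '*' resets every
    facility to its level, and level 'none' deselects the facility."""
    default = "none"      # level applied by the most recent '*' selector
    per_fac = {}          # per-facility overrides since that '*'
    for sel in selector.split(";"):
        fac, _, level = sel.rpartition(".")
        if fac == "*":
            default, per_fac = level, {}
        else:
            per_fac[fac] = level
    return any(per_fac.get(f, default) != "none" for f in AUTH_FACILITIES)


def auth_reaches_console(conf_text):
    """True if any '/dev/console' action line in conf_text selects auth.
    Comment, blank, '!prog' and '+host' lines have no action and are skipped."""
    for line in conf_text.splitlines():
        fields = line.strip().split()
        if len(fields) == 2 and fields[1] == "/dev/console" and not line.lstrip().startswith("#"):
            if selects_auth(fields[0]):
                return True
    return False
```

Running `auth_reaches_console` on the two samples returns True for the default-like config and False for the hardened one; point it at a real /etc/syslog.conf to check a live system.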