From owner-freebsd-security@FreeBSD.ORG Tue Mar 31 13:00:21 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0211988 for ; Tue, 31 Mar 2015 13:00:21 +0000 (UTC) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 66309E94 for ; Tue, 31 Mar 2015 13:00:21 +0000 (UTC) Received: from slw by zxy.spb.ru with local (Exim 4.84 (FreeBSD)) (envelope-from ) id 1YcvmE-0006FT-C3; Tue, 31 Mar 2015 16:00:18 +0300 Date: Tue, 31 Mar 2015 16:00:18 +0300 From: Slawa Olhovchenkov To: Willem Jan Withagen Subject: Re: ftpd don't record login in utmpx Message-ID: <20150331130018.GA23643@zxy.spb.ru> References: <20150330142543.GD74532@zxy.spb.ru> <44y4me9gfi.fsf@lowell-desk.lan> <20150331034402.GE74532@zxy.spb.ru> <551A561C.5000904@digiware.nl> <20150331084426.GX23643@zxy.spb.ru> <551A6A1D.5030307@digiware.nl> <20150331094915.GY23643@zxy.spb.ru> <551A76B4.6050306@digiware.nl> <20150331110215.GZ23643@zxy.spb.ru> <551A9759.2020004@digiware.nl> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <551A9759.2020004@digiware.nl> User-Agent: Mutt/1.5.23 (2014-03-12) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Mar 2015 13:00:21 -0000 On Tue, Mar 31, 2015 at 02:47:21PM +0200, Willem Jan Withagen wrote: > On 31-3-2015 13:02, Slawa Olhovchenkov wrote: > > On Tue, Mar 31, 2015 at 12:28:04PM +0200, Willem Jan Withagen wrote: > > > >>>> Slawa, > >>>> > >>>> I can't tell you that, but it is in r202209. And you can ask the one > >>>> that removed it (ed@). :) > >>>> Like r202209 says 5 years ago: > >>>> Maybe we can address this in the future if it turns out to be a > >>>> real issue. > >>> > >>> What about issue talk? > >>> Opened file outside chroot? /dev/null and /var/run/logpriv still opened. > >>> Disabling logging for chrooted accounts? Realy?! > >> > >> Read the submit message!? The reason is there, nothing with security as > >> I read it, but it just did not fit into the way the new lib for wtmp > >> worked/works. > > > > I read it. And I don't understund it. May be I don't know somewere. > > Or missed. Can you explain? > > In 9.0 the utmp stuff got rewritten, IIRC by Ed Schouten. But with the > consequence that the API changed. And now it is no longer possible > * to open a file at init, > * keep it open while chrooting. > * write records when needed. > The interface is just completely different. > > Check: > man utempter_add_record > > If you want the old behaviour, you have to dig into the code, and DIY. I understund, thanks. > > Bluntly put: I don't think anybody is going to fix YOUR problem. If only > because in 5 years time nobody had an issue with it. Now I see root of problem. I can choose what do: patch ftpd, do nothing or something else.