Date: Sun, 22 Dec 1996 06:38:49 -0800 (PST) From: Joerg Wunsch <joerg> To: ciaran@aldhfn.aldhfn.org, joerg, freebsd-bugs Subject: Re: bin/2092 Message-ID: <199612221438.GAA05158@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
Synopsis: rlogind not using passwords
State-Changed-From-To: open-feedback
State-Changed-By: joerg
State-Changed-When: Sun Dec 22 15:10:13 MET 1996
State-Changed-Why:
The behaviour described in this PR cannot be seen on any other FreeBSD system
around. Please make sure that your sysstem has not been hacked.
Try adding some debugging syslog() lines to rlogind, to make sure
what's happening. REplace the function do_rlogin() in
/usr/src/libexec/rlogind/rlogind.c with:
int
do_rlogin(dest)
struct sockaddr_in *dest;
{
int rv;
getstr(rusername, sizeof(rusername), "remuser too long");
getstr(lusername, sizeof(lusername), "locuser too long");
getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long");
pwd = getpwnam(lusername);
if (pwd == NULL)
return (-1);
/* XXX why don't we syslog() failure? */
rv = (iruserok(dest->sin_addr.s_addr, pwd->pw_uid == 0,
rusername, lusername));
syslog(LOG_DEBUG,
"do_rlogin(): from %s, ruser %s, luser %s, iruserok(): %d",
inet_ntoa(dest->sin_addr.s_addr), rusername,
lusername, rv);
return (rv);
}
Make sure to catch the syslog output somewhere, prefarably on
another host. You might want to make the logging conditional
on some username or IP address.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612221438.GAA05158>