Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 16 Apr 2001 18:26:28 +0300 (IDT)
From:      Roman Shterenzon <roman@xpert.com>
To:        Alfred Perlstein <bright@wintelcom.net>
Cc:        <security@freebsd.org>
Subject:   Re: 4.3rc2: if=/etc/issue in /etc/gettytab is not respected
Message-ID:  <Pine.LNX.4.30.0104161825510.32275-100000@jamus.xpert.com>
In-Reply-To: <20010403160232.I12164@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

So I guess the RELEASE will be made with this bug :(

On Tue, 3 Apr 2001, Alfred Perlstein wrote:

> * Roman Shterenzon <roman@xpert.com> [010403 15:35] wrote:
> > With enough attention and code analysis, that could be made before
> > 4.3-RELEASE. There's almost two weeks left, and many people who are
> > willing to test it. Me for example :)
>
> There's basically two telnetd's in the source tree.  When you
> compile and install the one from src/secure/libexec/telnetd you
> get one that doesn't respect the if= directive.  It looks like
> it doesn't even respect the other settings, something to do
> with the USER environment variable.
>
> I've moved this to the security list in an effort to get this
> explained.
>
> Anyone know why this going on?
>
> Basically in "normal" (src/libexec/telnetd.c)
> this:
>     if (getenv("USER"))
>         hostinfo = 0;
> is false, but under "crypto" (src/crypto/telnet/telnetd/telnetd.c)
> it's true and therefore doesn't display the login info.
>
>
> --
> -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
> Instead of asking why a piece of software is using "1970s technology,"
> start asking why software is ignoring 30 years of accumulated wisdom.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

--Roman Shterenzon, UNIX System Administrator and Consultant
[ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.30.0104161825510.32275-100000>