Message-Id: <9612290156.AA03923@starkiller.MIT.EDU>
Date: Sat, 28 Dec 1996 20:56:48 -0500
From: hartmans@MIT.EDU
Reply-To: hartmans@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: for 1.0 patch: rlogin preserves HOME, USER, etc
X-Send-Pr-Version: 3.99

>Number: 326
>Category: krb5-appl
>Synopsis: for 1.0 patch: rlogin preserves HOME, USER, etc
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: hartmans
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sat Dec 28 20:57:00 EST 1996
>Last-Modified: Fri May 30 15:54:33 EDT 1997
>Originator: Sam Hartman
>Organization: mit
>Release: 1.0-development
>Environment:
System: SunOS starkiller 5.4 Generic_101945-37 sun4m sparc
>Description:
A recent change causes klogind to be called with -p in order to preserve the TERM environment variable. This exposes a bug where login only sets HOME, USER and several other environment variables if they are not already set. This conflicts with the behavior of 4.4BSD and my opinion about what should happen.
>How-To-Repeat:
Log into a system using rlogin out of 1.0 and look at $HOME.
>Fix:
I propose a two part fix. For the 1.0 patch release I propose to make login always set these variables. It may be a security issue in some environments not to do so and it is the correct behavior for login.
In addition, I don't think klogind really needs to pass -p to login; I am fairly certain that it will always respect the caller's TERM. If it does not, I think adding this functionality would be appropriate. I will investigate this for the mainline.
>Audit-Trail:

Responsible-Changed-From-To: krb5-unassigned->hartmans
Responsible-Changed-By: hartmans
Responsible-Changed-When: Sat Dec 28 21:04:10 1996
Responsible-Changed-Why: Already have preliminary fix.

From: Sam Hartman
To: krb5-bugs@MIT.EDU, krb5-prs@RT-11.MIT.EDU
Cc: tytso@MIT.EDU
Subject: krb5-appl/326: a patch for the 1.0 patch release
Date: Sat, 28 Dec 1996 21:17:15 -0500 (EST)

Please apply the following patch to the release branch to fix a problem where login incorrectly fails to override important environment variables.

Index: ChangeLog =================================================================== RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/ChangeLog,v retrieving revision 5.229 diff -c -r5.229 ChangeLog *** ChangeLog 1996/12/24 21:09:56 5.229 --- ChangeLog 1996/12/29 02:09:03 *************** *** 1,3 **** --- 1,8 ---- + Sat Dec 28 21:06:43 1996 Sam Hartman + + * login.c: Force environment variables like HOME to be set even if + -p given. + Tue Dec 24 16:08:41 1996 Tom Yu * configure.in: Fix up "test $ac_cv_c_cross" to deal with Index: login.c =================================================================== RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/login.c,v retrieving revision 5.60 diff -c -r5.60 login.c *** login.c 1996/12/13 19:14:43 5.60 --- login.c 1996/12/29 02:09:02 *************** *** 1829,1844 **** read_env_vars_from_file ("/etc/TIMEZONE"); #else if (tz) ! setenv ("TZ", tz, 0); #endif if (ccname) ! setenv("KRB5CCNAME", ccname, 0); ! setenv("HOME", pwd->pw_dir, 0); ! setenv("PATH", LPATH, 0); ! setenv("USER", pwd->pw_name, 0); ! 
setenv("SHELL", pwd->pw_shell, 0); if (term[0] == '\0') (void) strncpy(term, stypeof(tty), sizeof(term)); --- 1829,1844 ---- read_env_vars_from_file ("/etc/TIMEZONE"); #else if (tz) ! setenv ("TZ", tz, 1); #endif if (ccname) ! setenv("KRB5CCNAME", ccname, 1); ! setenv("HOME", pwd->pw_dir, 1); ! setenv("PATH", LPATH, 1); ! setenv("USER", pwd->pw_name, 1); ! setenv("SHELL", pwd->pw_shell, 1); if (term[0] == '\0') (void) strncpy(term, stypeof(tty), sizeof(term));

State-Changed-From-To: open-feedback
State-Changed-By: tlyu
State-Changed-When: Thu Feb 13 19:02:43 1997
State-Changed-Why: Patch appears to have been applied; appl/bsd/login.c 5.60 -> 5.61

From: Sam Hartman
To: Tom Yu
Cc: Sam Hartman, krb5-bugs@MIT.EDU
Subject: Re: krb5-appl/326: for 1.0 patch: rlogin preserves HOME, USER, etc
Date: 15 Feb 1997 13:12:07 -0500

I have applied the patch, but there is still a random bug I'm seeing on Linux. Also, I am following up with ghudson on a few other unfortunate consequences of using login -p.

--Sam

From: Sam Hartman
To: krb5-bugs@MIT.EDU
Cc: ghudson@MIT.EDU, krbdev@MIT.EDU
Subject: krb5-appl/326: Solution for Athena
Date: Tue, 18 Mar 1997 12:43:12 -0500 (EST)

It has become apparent that this bug (login not setting HOME, etc) is annoying for the Athena 8.1 release. My previous patch alleviates most of the problem, but replaces it with another annoying behavior. If inetd or klogind in debug is started with an environment containing user variables, these variables are preserved when klogind calls login, and because the -p option is used to login, by login itself. Thus, the user logging in gets some of the environment variables of whoever ran inetd.

Unfortunately, we (Kerberos) cannot remove -p from the call to login because if we do so, TERM will not be preserved by login.krb5 or some of the vendor logins.

I propose to fix this in the following manner:

* I will add support to login.krb5 to preserve the TERM variable without the -p option for the patch1 release.
* For patch1, krb5 will continue to pass -p from klogind to login.krb5, so that vendor logins can be used.
* Athena 8.1 will include a local modification to klogind to remove the -p option, since Athena will always use login.krb5.
* A future version of klogind will scrub the environment before calling login, preserving TERM.

State-Changed-From-To: feedback-closed
State-Changed-By: tlyu
State-Changed-When: Fri May 30 15:54:15 1997
State-Changed-Why: 1.0-pl1 has been released
>Unformatted:
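
Review bot: In the login.c hunk at 1829-1844, the "if (tz)" and "if (ccname)" guards leave a gap: when either pointer is NULL the setenv call is skipped, so a TZ or KRB5CCNAME inherited through -p reaches the user's session unchanged; consider removing the variable from the environment in that case. The return values of the setenv calls are also ignored, so a failed call silently keeps the inherited HOME, PATH, USER or SHELL; checking the result and refusing the login would close that. The overwrite flag only covers the six variables named in this hunk, so anything else in the caller's environment still passes through under -p.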