From hartmans@MIT.EDU Sat Dec 28 20:56:49 1996
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id UAA01821 for <bugs@RT-11.MIT.EDU>; Sat, 28 Dec 1996 20:56:49 -0500
Received: from STARKILLER.MIT.EDU by MIT.EDU with SMTP
id AA11787; Sat, 28 Dec 96 20:56:48 EST
Received: by starkiller.MIT.EDU (5.x/4.7) id AA03923; Sat, 28 Dec 1996 20:56:48 -0500
Message-Id: <9612290156.AA03923@starkiller.MIT.EDU>
Date: Sat, 28 Dec 1996 20:56:48 -0500
From: hartmans@MIT.EDU
Reply-To: hartmans@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: for 1.0 patch: rlogin preserves HOME, USER, etc
X-Send-Pr-Version: 3.99
System: SunOS starkiller 5.4 Generic_101945-37 sun4m sparc
preserve the TERM environment variable. This exposes a bug where
login only sets HOME, USER and several other environment variables if
they are not already set.
This conflicts with the behavior of 4.4BSD and my opinion about what should happen.
Log into a system using rlogin out of 1.0 and look at $HOME.
I propose a two part fix. For the 1.0 patch release I propose
to make login always set these variables. It may be a security issue
in some environments not to do so and it is the correct behavior for
login.
In addition, I don't think klogind really needs to pass -p to
login; I am fairly certain that it will always respect the caller's
TERM. If it does not, I think adding this functionality would be
appropriate. I will investigate this for the mainline.
Responsible-Changed-From-To: krb5-unassigned->hartmans
Responsible-Changed-By: hartmans
Responsible-Changed-When: Sat Dec 28 21:04:10 1996
Responsible-Changed-Why:
Already have preliminary fix.
From: Sam Hartman <hartmans@MIT.EDU>
To: krb5-bugs@MIT.EDU, krb5-prs@RT-11.MIT.EDU
Cc: tytso@MIT.EDU
Subject: krb5-appl/326: a patch for the 1.0 patch release
Date: Sat, 28 Dec 1996 21:17:15 -0500 (EST)
Please apply the following patch to the release branch to fix
a problem where login incorrectly fails to overide important
environment variables.
Index: ChangeLog
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/ChangeLog,v
retrieving revision 5.229
diff -c -r5.229 ChangeLog
*** ChangeLog 1996/12/24 21:09:56 5.229
--- ChangeLog 1996/12/29 02:09:03
***************
*** 1,3 ****
--- 1,8 ----
+ Sat Dec 28 21:06:43 1996 Sam Hartman <hartmans@luminous.MIT.EDU>
+
+ * login.c: Force environment variables like HOME to be set even if
+ -p given.
+
Tue Dec 24 16:08:41 1996 Tom Yu <tlyu@mit.edu>
* configure.in: Fix up "test $ac_cv_c_cross" to deal with
Index: login.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/login.c,v
retrieving revision 5.60
diff -c -r5.60 login.c
*** login.c 1996/12/13 19:14:43 5.60
--- login.c 1996/12/29 02:09:02
***************
*** 1829,1844 ****
read_env_vars_from_file ("/etc/TIMEZONE");
#else
if (tz)
! setenv ("TZ", tz, 0);
#endif
if (ccname)
! setenv("KRB5CCNAME", ccname, 0);
! setenv("HOME", pwd->pw_dir, 0);
! setenv("PATH", LPATH, 0);
! setenv("USER", pwd->pw_name, 0);
! setenv("SHELL", pwd->pw_shell, 0);
if (term[0] == '\0')
(void) strncpy(term, stypeof(tty), sizeof(term));
--- 1829,1844 ----
read_env_vars_from_file ("/etc/TIMEZONE");
#else
if (tz)
! setenv ("TZ", tz, 1);
#endif
if (ccname)
! setenv("KRB5CCNAME", ccname, 1);
! setenv("HOME", pwd->pw_dir, 1);
! setenv("PATH", LPATH, 1);
! setenv("USER", pwd->pw_name, 1);
! setenv("SHELL", pwd->pw_shell, 1);
if (term[0] == '\0')
(void) strncpy(term, stypeof(tty), sizeof(term));
State-Changed-From-To: open-feedback
State-Changed-By: tlyu
State-Changed-When: Thu Feb 13 19:02:43 1997
State-Changed-Why:
Patch appears to have been applied;
appl/bsd/login.c 5.60 -> 5.61
From: Sam Hartman <hartmans@MIT.EDU>
To: Tom Yu <tlyu@MIT.EDU>
Cc: Sam Hartman <hartmans@MIT.EDU>, krb5-bugs@MIT.EDU
Subject: Re: krb5-appl/326: for 1.0 patch: rlogin preserves HOME, USER, etc
Date: 15 Feb 1997 13:12:07 -0500
I have applied the patch, but there is still a random bug I'm
seeing on Linux. Also, I am following up with ghudson on a
few other unfortunate consequences of using login -p.
--Sam
From: Sam Hartman <hartmans@MIT.EDU>
To: krb5-bugs@MIT.EDU
Cc: ghudson@MIT.EDU, krbdev@MIT.EDU
Subject: krb5-appl/326: Solution for Athena
Date: Tue, 18 Mar 1997 12:43:12 -0500 (EST)
It has become apparent that this bug (login not setting HOME,
etc) is annoying for the Athena 8.1 release. My previous patch
eleviates most of the problem, but replaces it with another annoying
behavior.
If inetd or klogind in debug is started with a environment
containing user variables, these variables are preserved when klogind
calls login, and because the -p option is used to login, by login
itself. Thus, the user logging in gets some of the environment
variables of whoever ran inetd.
Unfortunately, we (Kerberos) cannot remove -p from the call to
login because if we do so, TERM will not be preserved by login.krb5 or
some of the vendor logins. I propose to fix this in the following
manner:
* I will add support to login.krb5 to preserve the TERM variable
without the -p option for the patch1 release.
* For patch1, krb5 will continue to pass -p from klogind to
login.krb5, so that vendor logins can be used.
* Athena 8.1 will include a local modification to klogind to remove
the -p option, since Athena will always use login.krb5.
* A future version of klogind will scrub the environment before
calling login, preserving TERM.
State-Changed-From-To: feedback-closed
State-Changed-By: tlyu
State-Changed-When: Fri May 30 15:54:15 1997
State-Changed-Why:
1.0-pl1 has been released
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id UAA01821 for <bugs@RT-11.MIT.EDU>; Sat, 28 Dec 1996 20:56:49 -0500
Received: from STARKILLER.MIT.EDU by MIT.EDU with SMTP
id AA11787; Sat, 28 Dec 96 20:56:48 EST
Received: by starkiller.MIT.EDU (5.x/4.7) id AA03923; Sat, 28 Dec 1996 20:56:48 -0500
Message-Id: <9612290156.AA03923@starkiller.MIT.EDU>
Date: Sat, 28 Dec 1996 20:56:48 -0500
From: hartmans@MIT.EDU
Reply-To: hartmans@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: for 1.0 patch: rlogin preserves HOME, USER, etc
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 326
>Category: krb5-appl
>Synopsis: for 1.0 patch: rlogin preserves HOME, USER, etc
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: hartmans
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sat Dec 28 20:57:00 EST 1996
>Last-Modified: Fri May 30 15:54:33 EDT 1997
>Originator: Sam Hartman
>Organization:
mit>Category: krb5-appl
>Synopsis: for 1.0 patch: rlogin preserves HOME, USER, etc
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: hartmans
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sat Dec 28 20:57:00 EST 1996
>Last-Modified: Fri May 30 15:54:33 EDT 1997
>Originator: Sam Hartman
>Organization:
Show quoted text
>Release: 1.0-development
>Environment:
>Environment:
System: SunOS starkiller 5.4 Generic_101945-37 sun4m sparc
Show quoted text
>Description:
A recent change causes klogind to be called with -p in order topreserve the TERM environment variable. This exposes a bug where
login only sets HOME, USER and several other environment variables if
they are not already set.
This conflicts with the behavior of 4.4BSD and my opinion about what should happen.
Show quoted text
>How-To-Repeat:
Log into a system using rlogin out of 1.0 and look at $HOME.
Show quoted text
>Fix:
I propose a two part fix. For the 1.0 patch release I propose
to make login always set these variables. It may be a security issue
in some environments not to do so and it is the correct behavior for
login.
In addition, I don't think klogind really needs to pass -p to
login; I am fairly certain that it will always respect the caller's
TERM. If it does not, I think adding this functionality would be
appropriate. I will investigate this for the mainline.
Show quoted text
>Audit-Trail:
Responsible-Changed-From-To: krb5-unassigned->hartmans
Responsible-Changed-By: hartmans
Responsible-Changed-When: Sat Dec 28 21:04:10 1996
Responsible-Changed-Why:
Already have preliminary fix.
From: Sam Hartman <hartmans@MIT.EDU>
To: krb5-bugs@MIT.EDU, krb5-prs@RT-11.MIT.EDU
Cc: tytso@MIT.EDU
Subject: krb5-appl/326: a patch for the 1.0 patch release
Date: Sat, 28 Dec 1996 21:17:15 -0500 (EST)
Please apply the following patch to the release branch to fix
a problem where login incorrectly fails to overide important
environment variables.
Index: ChangeLog
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/ChangeLog,v
retrieving revision 5.229
diff -c -r5.229 ChangeLog
*** ChangeLog 1996/12/24 21:09:56 5.229
--- ChangeLog 1996/12/29 02:09:03
***************
*** 1,3 ****
--- 1,8 ----
+ Sat Dec 28 21:06:43 1996 Sam Hartman <hartmans@luminous.MIT.EDU>
+
+ * login.c: Force environment variables like HOME to be set even if
+ -p given.
+
Tue Dec 24 16:08:41 1996 Tom Yu <tlyu@mit.edu>
* configure.in: Fix up "test $ac_cv_c_cross" to deal with
Index: login.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/login.c,v
retrieving revision 5.60
diff -c -r5.60 login.c
*** login.c 1996/12/13 19:14:43 5.60
--- login.c 1996/12/29 02:09:02
***************
*** 1829,1844 ****
read_env_vars_from_file ("/etc/TIMEZONE");
#else
if (tz)
! setenv ("TZ", tz, 0);
#endif
if (ccname)
! setenv("KRB5CCNAME", ccname, 0);
! setenv("HOME", pwd->pw_dir, 0);
! setenv("PATH", LPATH, 0);
! setenv("USER", pwd->pw_name, 0);
! setenv("SHELL", pwd->pw_shell, 0);
if (term[0] == '\0')
(void) strncpy(term, stypeof(tty), sizeof(term));
--- 1829,1844 ----
read_env_vars_from_file ("/etc/TIMEZONE");
#else
if (tz)
! setenv ("TZ", tz, 1);
#endif
if (ccname)
! setenv("KRB5CCNAME", ccname, 1);
! setenv("HOME", pwd->pw_dir, 1);
! setenv("PATH", LPATH, 1);
! setenv("USER", pwd->pw_name, 1);
! setenv("SHELL", pwd->pw_shell, 1);
if (term[0] == '\0')
(void) strncpy(term, stypeof(tty), sizeof(term));
State-Changed-From-To: open-feedback
State-Changed-By: tlyu
State-Changed-When: Thu Feb 13 19:02:43 1997
State-Changed-Why:
Patch appears to have been applied;
appl/bsd/login.c 5.60 -> 5.61
From: Sam Hartman <hartmans@MIT.EDU>
To: Tom Yu <tlyu@MIT.EDU>
Cc: Sam Hartman <hartmans@MIT.EDU>, krb5-bugs@MIT.EDU
Subject: Re: krb5-appl/326: for 1.0 patch: rlogin preserves HOME, USER, etc
Date: 15 Feb 1997 13:12:07 -0500
I have applied the patch, but there is still a random bug I'm
seeing on Linux. Also, I am following up with ghudson on a
few other unfortunate consequences of using login -p.
--Sam
From: Sam Hartman <hartmans@MIT.EDU>
To: krb5-bugs@MIT.EDU
Cc: ghudson@MIT.EDU, krbdev@MIT.EDU
Subject: krb5-appl/326: Solution for Athena
Date: Tue, 18 Mar 1997 12:43:12 -0500 (EST)
It has become apparent that this bug (login not setting HOME,
etc) is annoying for the Athena 8.1 release. My previous patch
eleviates most of the problem, but replaces it with another annoying
behavior.
If inetd or klogind in debug is started with a environment
containing user variables, these variables are preserved when klogind
calls login, and because the -p option is used to login, by login
itself. Thus, the user logging in gets some of the environment
variables of whoever ran inetd.
Unfortunately, we (Kerberos) cannot remove -p from the call to
login because if we do so, TERM will not be preserved by login.krb5 or
some of the vendor logins. I propose to fix this in the following
manner:
* I will add support to login.krb5 to preserve the TERM variable
without the -p option for the patch1 release.
* For patch1, krb5 will continue to pass -p from klogind to
login.krb5, so that vendor logins can be used.
* Athena 8.1 will include a local modification to klogind to remove
the -p option, since Athena will always use login.krb5.
* A future version of klogind will scrub the environment before
calling login, preserving TERM.
State-Changed-From-To: feedback-closed
State-Changed-By: tlyu
State-Changed-When: Fri May 30 15:54:15 1997
State-Changed-Why:
1.0-pl1 has been released
Show quoted text
>Unformatted: