Skip Menu |

Download (untitled) / with headers
text/plain 3.6KiB
From Tue Mar 3 10:51:31 1998
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU []) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id KAA21107 for <bugs@RT-11.MIT.EDU>; Tue, 3 Mar 1998 10:51:26 -0500
Received: from by MIT.EDU with SMTP
id AA14779; Tue, 3 Mar 98 10:51:51 EST
Received: from by with ESMTP
(peer crosschecked as: [])
id KAA00658; Tue, 3 Mar 1998 10:51:24 -0500 (EST)
Received: by
id KAA28964; Tue, 3 Mar 1998 10:51:24 -0500 (EST)
Message-Id: <>
Date: Tue, 3 Mar 1998 10:51:24 -0500 (EST)
From: (Chris P. Ross)
To: krb5-bugs@MIT.EDU
Subject: Bug in BSD utmp/wtmp handling
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 554
>Category: pty
>Synopsis: telnetd makes bogus utmp/wtmp entries on bsd systems
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: hartmans
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Mar 03 10:52:00 EST 1998
>Last-Modified: Thu Mar 12 18:15:21 EST 1998
>Originator: Chris P. Ross
UUNET Technologies, Inc.
Show quoted text
>Release: krb5-1.0.4
x86 & sparc ; BSD/OS 3.1
System: BSD/OS 3.1 BSDI BSD/OS 3.1 Kernel #5: Fri Nov 21 16:28:46 EST 1997 i386

Show quoted text
On a BSD/OS system, or presumedly any BSD based system (where
struct utmp has no ut_type entry), you cannot write the PTY_LOGIN_PROCESS
utmp entries out. If you do, having no ut_type field, it will show up
as the equilavelnt of a SysV USER_PROCESS type entry, and be reported
erroniously in last(1). It would presumedly also show up in the utmp file
before login writes out the new (correct) record. The latter is a lesser
problem, but still arguably wrong. The extra grot in the wtmp file is a
*big* problem.
Show quoted text
Compile telnetd on a BSD machine. When you telnet to the machine
you've got the krb5 telnetd configured to run on, last(1) will show:

cross ttyp0 Tue Mar 3 10:38 still logged in
LOGIN ttyp0 Tue Mar 3 10:38 - 10:38 (00:00)
cross ttyp1 Mon Mar 2 23:40 - 23:48 (00:08)
LOGIN ttyp1 Mon Mar 2 23:40 - 23:40 (00:00)

Show quoted text
I believe the following patch will retain the functionality on
systems with a ut_type entry, but prevent the bogus utmp/wtmp entries on
systems without it.

Index: src/util/pty/update_utmp.c
RCS file: /export/src/CVS/usr.local/krb5/src/util/pty/update_utmp.c,v
retrieving revision
diff -c -r1.1.1.1 update_utmp.c
*** update_utmp.c 1997/12/17 15:15:10
--- update_utmp.c 1998/03/03 15:42:53
*** 70,75 ****
--- 70,84 ----
+ #else
+ /* If we have no ut_pid, we assume we also have no ut_type.
+ * If we have no ut_type, then don't write things other than
+ * type == USER_PROCESS, since everything in the utmp/wtmp will
+ * show up as a user process if written...
+ */
+ if (process_type != PTY_USER_PROCESS) {
+ return(0);
+ }
#endif /*NO_UT_PID*/

#ifndef NO_UT_HOST
Show quoted text

State-Changed-From-To: open-closed
State-Changed-By: tlyu
State-Changed-When: Thu Mar 12 18:15:01 1998

same as pty/531; already fixed.

Show quoted text