[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAMified login?



   From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
   Date: Tue, 2 Jul 1996 18:07:48 +0200 (MET DST)

   Speaking of login: does anyone know if the vhangup() thing in
   the util-linux login is still necessary?  Comments indicate
   that it was added back in the old days of Linux 0.12 (!), and
   I haven't seen it in any other login sources (*BSD, logdaemon,
   shadow).

Yes, it's still necessary but you have to make sure it's done right.
The basic idea is to prevent an attacker from leaving a program behind
that has an open file descriptor on the tty.  This could allow the
attacker to steal keystrokes, or stuff characters down the user's login
session. 

What you need to do is to change the tty permissions so that only root
has access to the tty.  Next, grab the tty so that login is the session
leader for the tty (you should use the ioctl so that you can steal the
tty from any other process that may have the tty open), and then call
vhangup to force all other processes off of the tty.  Portability
concerns then dictates that you open another file descriptor for that
tty, and only then close the first file descriptor (which is now hung
up) that you used initially to open the tty.  It's not necessary for
Linux, but it is necessary for some other operating systems.

							- Ted



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []