[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [linux-security] Re: denial of service attack on login



Chris Adams:
> > 	joe$ nvi /var/log/wtmp
> > 
> > 	[ Now no-one else can log in ]
> 
> This doesn't seem to happen on my system - RedHat 3.0.3 + shadow
> passwords.  My /bin/login comes from shadow-960810-1.  Maybe the
> shadow passowrd suite doesn't try to lock wtmp?

Yes.  It shouldn't be necessary - the O_APPEND open() flag should be
enough to guarantee atomic writes at end of file (it's a kernel bug
if it doesn't).  Original *BSD login sources don't lock wtmp either,
but util-linux does.  Perhaps O_APPEND didn't work right on old
kernels?  Remember util-linux login was ported to Linux 0.12 :-).

Marek



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]