Re: devfs question

• Next message: Jan Harkes: "Re: [patch-2.4.0-test5-pre1] nullfs and forced umount"
• Previous message: George Anzinger: "C issues with spinlocks and preemption"
• Next in thread: Khimenko Victor: "Re: devfs question"
• Maybe reply: Khimenko Victor: "Re: devfs question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Khimenko Victor writes:
> In <39709DC8.D460C273@wanadoo.fr> Martin Costabel (costabel@wanadoo.fr) wrote:
> > John Covici wrote:
> >>
> >> Hi. I was reading the readme in the 2.4.0-test2 kernel documentation
> >> tree for defs when I ran into the following mysterious passage
> >>
> >> /etc/securetty
> >> PAM (Pluggable Authentication Modules) is supposed to be a flexible
> >> mechanism for providing better user authentication and access to
> >> services. Unfortunately, it's also fragile, complex and undocumented
> >> (check out RedHat 6.1, and probably other distributions as well). PAM
> >> has problems with symbolic links. Append the following lines to your
> >> /etc/securetty file:
> >>
> >> 1
> >> 2
> >> 3
> >> 4
> >> 5
> >> 6
> >> 7
> >> 8
> >>
> >> What does this mean since /etc/security is a directory and where
> >> shhould these lines go anyway?
>
> > Isn't that obsolete anyway?
>
> It is.
>
> > The devfs documentation does not always follow the devfs API changes.
>
> True, but it's not the case.
>
> > In any case, if I want to login as root, I have to put
>
> > vc/1
> > vc/2
>
> > and so on into /etc/securetty.
>
> Correct. This is since my one-liner change was incorporated in
> linux-utils (NOT in devfs!) more then 8 months ago. So it can be
> true or false depending on version of linux-utils NOT depending on
> version of devfs. With old linux-utils you can write "0" in
> securetty and suddenly root login will be allowed from /dev/vc/0,
> /dev/pts/0, /dev/tts/0 - in fact <anything>/0 was allowed. Since it
> does not look good from security standpoint linux-utils were
> patched. Now you can specify what you REALLY want: vc/0 or tts/0 ...

So when did this patch go in? I'd like to be able to refer to a
specific version of util-linux rather than just say "recent".
Also, what was the patch?

                                Regards,

                                        Richard....
Permanent: rgooch@atnf.csiro.au
Current: rgooch@ras.ucalgary.ca

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Jan Harkes: "Re: [patch-2.4.0-test5-pre1] nullfs and forced umount"
• Previous message: George Anzinger: "C issues with spinlocks and preemption"
• Next in thread: Khimenko Victor: "Re: devfs question"
• Maybe reply: Khimenko Victor: "Re: devfs question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:11 EST