From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: make -i with linux-pam
Date: Tue, 15 May 2012 23:24:49 -0400
Message-ID: <20120516032449.GU163@brightrain.aerifal.cx>
To: musl@lists.openwall.com

On Mon, May 14, 2012 at 05:09:31PM -0700, Isaac Dunham wrote:
> On Mon, 14 May 2012 00:11:06 -0400
> Rich Felker wrote:
>
> > On Sun, May 13, 2012 at 08:58:24PM -0700, Isaac Dunham wrote:
> > > .libs/pam_group.o: In function `check_account':
> > > pam_group.c:(.text+0x12fe): undefined reference to `innetgr'
>
> innetgr stub attached as patch.

Patch missing. But I think it should just be extra aliases in
src/network/ent.c...

> Due to what logwtmp does (construct a wtmp log entry, then add to the
> system logfile), a stub doesn't sound sensible unless you
> actually want all logins to go unrecorded...however, it looks close to
> trivial to actually implement.

Syslog is for recording login events in the proper way
(private/confidential for only admins to see). utmp and wtmp are
misguided, insecure practices from the 1980s culture where it was
considered rude to put a password on your unix account; they exist to
publish to the world (well, everyone with accounts on the machine)
your login status and the history of your logins. If this weren't a
sufficiently serious privacy breach in itself, the api for writing
these entries also requires that you have access to the utmp/wtmp
files for write, meaning historically all programs that wrote them had
suid-root (and later sgid-utmp), resulting in countless serious vulns.

If someone wants to present a good argument FOR supporting utmp/wtmp,
I'm willing to listen and consider it, but in the absence of that I
think making them silently ignore attempts to write anything is the
most useful behavior from a privacy and security standpoint.

[Actually, anybody up for writing a modern implementation of
utmp/wtmp? It would include an https implementation to log into
Facebook/Twitter (your preference!) and publish the date, time, ip
address, etc. of your login as your status update/tweet for the whole
world to see!]

> The BSDs implement this with strncpy--should an implementation for
> musl use XOPEN or GNU functions only, or are strn* acceptable?

Huh? strncpy is pure C; it's always available to use.

Rich
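
Added example, not part of the original message and not musl code: a small C audit of the permission situation the message describes, reporting whether a utmp/wtmp file is readable by every local account and which identity a program needs in order to write it. The paths are the conventional Linux locations and, like the flag and function names, are assumptions of this example.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Flag names are hypothetical, chosen for this example. */
enum {
    EXPOSE_WORLD_READ = 1, /* every local account can read login records   */
    WRITE_VIA_GROUP   = 2, /* writers must hold the file's group (setgid)  */
    WRITE_VIA_OWNER   = 4, /* writers must run as the owner (setuid)       */
    WRITE_WORLD       = 8  /* any account can add, forge or erase records  */
};

/* Classify permission bits; pure function, testable without the files. */
int classify_mode(mode_t mode)
{
    int flags = 0;
    if (mode & S_IROTH) flags |= EXPOSE_WORLD_READ;
    /* Report the least-privileged way a writer can reach the file. */
    if (mode & S_IWOTH)      flags |= WRITE_WORLD;
    else if (mode & S_IWGRP) flags |= WRITE_VIA_GROUP;
    else if (mode & S_IWUSR) flags |= WRITE_VIA_OWNER;
    return flags;
}

/* Returns flags for path, or -1 if it is absent or not a regular file. */
int audit_path(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode)) return -1;
    return classify_mode(st.st_mode);
}

int main(void)
{
    /* Assumed conventional locations; adjust for the system audited. */
    const char *paths[] = { "/var/run/utmp", "/var/log/wtmp" };
    for (size_t i = 0; i < sizeof paths / sizeof *paths; i++) {
        int f = audit_path(paths[i]);
        if (f < 0) { printf("%s: no regular file\n", paths[i]); continue; }
        printf("%s:%s%s%s%s\n", paths[i],
               f & EXPOSE_WORLD_READ ? " world-readable" : "",
               f & WRITE_WORLD       ? " world-writable" : "",
               f & WRITE_VIA_GROUP   ? " write-needs-group" : "",
               f & WRITE_VIA_OWNER   ? " write-needs-owner" : "");
    }
    return 0;
}
```

A result of "world-readable write-needs-group" corresponds to the sgid-utmp arrangement mentioned in the message; "no regular file" is what a system that discards these records reports.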