Privsep and AIX..
Gert Doering
gert at greenie.muc.de
Tue Jun 25 07:56:16 EST 2002
Hi,
On Mon, Jun 24, 2002 at 04:34:53PM -0500, Ben Lindstrom wrote:
> I sent the first one privately to Darren, but I think everyone with AIX
> (and those WORKING for IBM) should comment on this...
>
> First off I noticed LOGIN= is stated as it should be set, but is not. Not
> an issue for Privsep... but either the manpage needs to be clarified, or
> we should add it.
For my initial usrinfo hack, I just looked at what AIX rlogind is setting,
and it does not set LOGIN= - just LOGNAME, NAME, TTY. So that's what
my patch did.
> Second, what happens if TTY is always set to null? Reason being is
> privsep occurs long before Session *s; even has a hint of knowing the
> current TTY from the looks of it. And by than we are too late.
>
> Can someone from IBM tell me what ramification setting TTY=null for
> userinfo(SETUINFO,..) if the process has a tty?
I'm not sure about that. "Our" legacy application that uses usrinfo
looks only at NAME=, and doesn't care about TTY. I have no idea what
other applications might make use of this.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert.doering at physik.tu-muenchen.de
More information about the openssh-unix-dev
mailing list