Privsep and AIX..

Tue Jun 25 10:45:47 EST 2002

Would anyone object if we dropped the TTY setting in usrinfo()  move it up
after the irix_*() call in do_setusercontext() and handle the case when
someone whines?  Hopefully by than OSF group will have a patch that we can
tap off of.

If not can one of you two pass me a patch to do it?

Thanks

- Ben

On Mon, 24 Jun 2002, Gert Doering wrote:

> Hi,
>
> On Mon, Jun 24, 2002 at 04:34:53PM -0500, Ben Lindstrom wrote:
> > I sent the first one privately to Darren, but I think everyone with AIX
> > (and those WORKING for IBM) should comment on this...
> >
> > First off I noticed LOGIN= is stated as it should be set, but is not.  Not
> > an issue for Privsep... but either the manpage needs to be clarified, or
> > we should add it.
>
> For my initial usrinfo hack, I just looked at what AIX rlogind is setting,
> and it does not set LOGIN= - just LOGNAME, NAME, TTY.  So that's what
> my patch did.
>
> > Second, what happens if TTY is always set to null?  Reason being is
> > privsep occurs long before Session *s; even has a hint of knowing the
> > current TTY from the looks of it.  And by than we are too late.
> >
> > Can someone from IBM tell me what ramification setting TTY=null for
> > userinfo(SETUINFO,..) if the process has a tty?
>
> I'm not sure about that.  "Our" legacy application that uses usrinfo
> looks only at NAME=, and doesn't care about TTY.  I have no idea what
> other applications might make use of this.
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
>                                                            //www.muc.de/~gert/
> Gert Doering - Munich, Germany                             gert at greenie.muc.de
> fax: +49-89-35655025                        gert.doering at physik.tu-muenchen.de
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>