[Bug 974] Record Badlogins for all supported Authentication methods
bugzilla-daemon at mindrot.org
Thu Jan 20 17:17:08 EST 2005
http://bugzilla.mindrot.org/show_bug.cgi?id=974
------- Additional Comments From dtucker at zip.com.au 2005-01-20 17:17 -------
(From update of attachment 774)
>+ if ( getuid() != 0 ){
>+ debug("=== calling log_btmp uid %d ===\n", getuid());
>+ mm_log_btmp(authctxt->user,get_canonical_hostname(options.use_dns));
>+ } else {
>+ debug("=== calling log_btmp uid %d ===\n", getuid());
>+ og_btmp(authctxt->user,get_canonical_hostname(options.use_dns));
>+ }
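Review bot: the else branch calls `og_btmp(...)`, which looks like `log_btmp` with its first letter dropped; as written the uid 0 path will not build unless a function of that name exists elsewhere. Both branches also emit the identical `debug()` line, so if the `getuid()` test stays, hoist that call above the `if` and let the branch select only the callee.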
This bit is unnecessary, the PRIVSEP macro is for this purpose, ie:
debug("=== calling log_btmp uid %d ===\n", getuid());
PRIVSEP(log_btmp(authctxt->user,get_canonical_hostname(options.use_dns)));
>+int mm_answer_log_btmp(int socket, Buffer *m){
[...]
>+ buffer_get(m, user ,1024);
>+ buffer_get(m, hostname ,1024);
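Review bot: `buffer_get(m, user ,1024)` and `buffer_get(m, hostname ,1024)` each pull a fixed 1024 bytes out of a message written by the unprivileged side, and nothing in the visible lines NUL-terminates or checks either field before it is used (the declarations are elided behind `[...]`, so the destination sizes cannot be confirmed from here). Any string that really has to cross this boundary should be length-prefixed and read with `buffer_get_string()`, with the handler rejecting input it does not expect.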
Sending the username is unnecessary as the monitor already knows it (ie
authctxt->user). Hostname can be determined too (see mm_record_login). As a
general rule, as little as possible should be sent from slave to monitor.
It's out of the scope of this bug but I'd prefer to see a generalized
audit_event like in bug #125 in both OpenBSD and Portable, which could be
easily extended to handle cases like this.
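The rule stated in the comment above (send as little as possible from slave to monitor), as an added example that is not OpenSSH code and not part of the original message. It is a constructed model with hypothetical names (`monitor_answer`, `run_exchange`, `REQ_LOG_BADLOGIN`, `struct badlogin`): the request is a single type byte, the monitor fills the record from its own context, and a request carrying extra bytes is refused.

```c
/* Constructed model of a privilege-separated daemon; all names are hypothetical, not OpenSSH's. */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

#define REQ_LOG_BADLOGIN 1
struct authctxt { const char *user, *host; };      /* state held by the monitor */
struct badlogin { char user[64], host[64]; };      /* stand-in for a btmp entry */

/* Monitor side: a request is one type byte. The identity that gets recorded
 * comes from the monitor's own context, never from the socket. */
static int monitor_answer(int sock, const struct authctxt *ctx, struct badlogin *rec)
{
    unsigned char type, extra;
    if (read(sock, &type, 1) != 1 || type != REQ_LOG_BADLOGIN)
        return -1;
    if (read(sock, &extra, 1) != 0)     /* trailing bytes: refuse the request */
        return -1;
    snprintf(rec->user, sizeof(rec->user), "%s", ctx->user);
    snprintf(rec->host, sizeof(rec->host), "%s", ctx->host);
    return 0;
}

/* Fork a child that sends the request; with forge set it appends its own username. */
int run_exchange(int forge, struct badlogin *rec)
{
    struct authctxt ctx = { "alice", "client.example.org" };   /* constructed */
    unsigned char msg[6] = { REQ_LOG_BADLOGIN, 'r', 'o', 'o', 't', 0 };
    int sv[2], rc;
    pid_t pid;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0)                       /* child: the unprivileged side */
        _exit(write(sv[1], msg, forge ? sizeof(msg) : 1) < 0);
    close(sv[1]);                       /* monitor sees EOF once the child exits */
    waitpid(pid, NULL, 0);
    rc = monitor_answer(sv[0], &ctx, rec);
    close(sv[0]);
    return rc;
}

int main(void)
{
    struct badlogin rec = { "", "" };
    int clean = run_exchange(0, &rec), forged = run_exchange(1, &rec);
    printf("clean rc=%d user=%s, forged rc=%d\n", clean, rec.user, forged);
    return 0;
}
```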