Package: login
Version: 1:4.0.3-30.10
Severity: wishlist

I was hoping that login.defs could include a comment about the potential security problem if LOG_UNKFAIL_ENAB is set (it is unset by default).
If that parameter is set, then unknown usernames are visible to all users. This concern was raised in bug#290803; if someone mistypes, it is possible that they enter their username at a password prompt (for a previously abandoned login attempt), and then enter their password at a login prompt (logging their password to a world-readable file).

I think the login times out pretty quickly, but this is still (theoretically..) something that an attacker could initiate. (Run up to someone's machine while they're not looking, switch to VT#6, enter ' ' as the login name, and wait to see if they end up mindlessly entering their username at the "password" prompt and their password at the username prompt that follows). (Well, I said hypothetical..)

Javier: I'm Cc'ing you because you said (in #290808): Btmp should log bad login attempts, but it only does it if you chmod it o-r (the manpage does not say this). But, in fact, login (I guess) will log to my mode 0644 /var/log/btmp.
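The two conditions the report combines (LOG_UNKFAIL_ENAB switched on, and a btmp that other users can read) are easy to check mechanically. The following audit script is an added example, not part of the bug report or of the shadow/login package; the sample login.defs fragments and the btmp file it creates under a temporary directory are constructed here so it runs offline, and the function names (logindefs_value, unkfail_enabled, world_readable, audit, make_samples) are this example's own.

```shell
#!/bin/sh
# Added example: audit a login.defs file for LOG_UNKFAIL_ENAB and check
# whether the btmp file it would write unknown usernames into is world-readable.
# Not code from the bug report or the login package; sample files are constructed.

# Print the effective value of a login.defs key, lowercased. Comments are
# stripped first, so a commented-out "#LOG_UNKFAIL_ENAB no" counts as unset;
# an unset key defaults to "no", which is the documented default.
logindefs_value() {
    file="$1"; key="$2"
    val=$(sed -n -e 's/#.*//' \
        -e "s/^[[:space:]]*$key[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p" "$file" \
        | tail -n 1 | tr '[:upper:]' '[:lower:]')
    printf '%s\n' "${val:-no}"
}

# Succeeds when LOG_UNKFAIL_ENAB is "yes", i.e. whatever is typed at the
# login: prompt (including a mistyped password) is recorded in btmp.
unkfail_enabled() {
    [ "$(logindefs_value "$1" LOG_UNKFAIL_ENAB)" = "yes" ]
}

# Succeeds when the file's "other" read bit is set (e.g. mode 0644).
# Parses the mode string from ls -l so it works on GNU and BSD userlands.
world_readable() {
    [ -e "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c1-10)      # e.g. -rw-r--r--
    case "$perms" in
        ???????r??) return 0 ;;            # 8th character is other-read
        *)          return 1 ;;
    esac
}

# Report on one login.defs / btmp pair. Returns 1 only for the combination
# the report warns about: unknown names logged AND btmp readable by everyone.
audit() {
    defs="$1"; btmp="$2"; rc=0
    if unkfail_enabled "$defs"; then
        echo "LOG_UNKFAIL_ENAB=yes in $defs: unknown login names are written to $btmp"
        if world_readable "$btmp"; then
            echo "  $btmp is world-readable: a password typed at login: is exposed to all users"
            rc=1
        else
            echo "  $btmp is not world-readable: only root can read those entries"
        fi
    else
        echo "LOG_UNKFAIL_ENAB unset or no in $defs: unknown login names are not logged"
    fi
    return $rc
}

# Constructed samples (not real system files): a Debian-style default with the
# option commented out, a risky file with it enabled, and a 0644 btmp.
make_samples() {
    dir=$(mktemp -d)
    cat > "$dir/login.defs.default" <<'EOF'
#
# Enable logging of unknown usernames when login failures are recorded.
#
#LOG_UNKFAIL_ENAB       no
FAILLOG_ENAB            yes
EOF
    cat > "$dir/login.defs.risky" <<'EOF'
LOG_UNKFAIL_ENAB        yes     # anything typed at login: ends up in btmp
EOF
    : > "$dir/btmp"
    chmod 0644 "$dir/btmp"
    printf '%s\n' "$dir"
}

# Run with --demo to audit the constructed samples; pass real paths to audit
# a live system, e.g.: audit /etc/login.defs /var/log/btmp
if [ "${1:-}" = "--demo" ]; then
    d=$(make_samples)
    audit "$d/login.defs.default" "$d/btmp"
    audit "$d/login.defs.risky"   "$d/btmp"
    rm -rf "$d"
fi
```

On a real host, `audit /etc/login.defs /var/log/btmp` gives the answer the report asks for in one step: a non-zero exit means the option is on and the log is readable by unprivileged users, which is exactly the case where a password typed at the wrong prompt becomes visible to everyone on the machine.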