Some relevant discussion: http://archives.neohapsis.com/archives/linux/lsap/2001-q1/0067.html >> After reading the code, ... utempter >> allow for setting arbitrary ut_host's. > > Hm, version 0.5 which is what we're using has this: > > if (!getuid()) { > host = argv[3]; /* either NULL or something real */ > } else { > host = NULL; > } > > which seems perfectly safe to me. I didn't notice the UID check. Why would utempter be run as root, though? ... ... > ... Or take ut_host; connecting to your sshd and making the > reverse lookup return funky stuff definitely has potential as well. Yes, and I am not sure of where this should be fixed. Maybe the libc interface should sanitize the structure contents before writing? But then there's not even a return value to indicate the error. Perhaps, just log the IP address when the hostname looks bad? (The IP address is (should be) also logged separately either way.)
Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia -- To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210061042.q96agoij019...@bari.maths.usyd.edu.au
