Subject: xterm: user `jsroot'(uid=0) entered into utmp as user `root'
Date: Sun, 27 Aug 2000 14:25:11 -0400 (EDT)
Package: xterm
Version: 3.3.6-10
Severity: normal
Hi,
On my system there are three unique users with userid=0, they are
`root', `sashroot', and `jsroot'. While logged in on an xterm as
user `jsroot' on `pts/2', I started another xterm which was then
allocated `pts/3' for its use.
The following typescript from `pts/3' shows that its utmp entry
was made for user `root', rather than for user `jsroot'. In
addition, its environment variable LOGNAME was set to `root' while
USER was set to `jsroot'.
0=bash, 1=.sh_env, EUID=0, PWD=~jsroot, SHELL=/bin/bash, SHLVL=2
.sh_env: *warning* LOGNAME=root and USER=jsroot
.sh_env: now setting LOGNAME=jsroot
1 jsroot ~ # dump-utmp /var/run/utmp | sed 's/ //g'
||8|si|6| ||Sun Aug 27 10:09:38 2000
reboot|~ |2|~~|0| ||Sun Aug 27 10:09:38 2000
runlevel|~ |1|~~|20018| ||Sun Aug 27 10:09:38 2000
||8|l2|254| ||Sun Aug 27 10:09:45 2000
LOGIN |tty1|6|1 |417| ||Sun Aug 27 10:09:45 2000
LOGIN |tty2|6|2 |418| ||Sun Aug 27 10:09:45 2000
LOGIN |tty3|6|3 |419| ||Sun Aug 27 10:09:45 2000
LOGIN |tty4|6|4 |420| ||Sun Aug 27 10:09:45 2000
LOGIN |tty5|6|5 |421| ||Sun Aug 27 10:09:45 2000
LOGIN |tty6|6|6 |422| ||Sun Aug 27 10:09:45 2000
LOGIN |tty9|6|9 |423| ||Sun Aug 27 10:09:45 2000
jeff|:0|7|:0|11823|248.252.255.191|console |Sun Aug 27 10:16:45
2000
jeff|pts/0 |7|/0|11889| |:0.0|Sun Aug 27 10:16:47 2000
jeff|pts/1 |7|/1|11890| |:0.0|Sun Aug 27 10:16:47 2000
jsroot|pts/2 |7|/2|11959| |:0.0|Sun Aug 27 10:17:09 2000
root|pts/3 |7|/3|15235| |:0.0|Sun Aug 27 13:38:02 2000
2 jsroot ~ # who
jeff :0 Aug 27 10:16 (console)
jeff pts/0 Aug 27 10:16 (:0.0)
jeff pts/1 Aug 27 10:16 (:0.0)
jsroot pts/2 Aug 27 10:17 (:0.0)
root pts/3 Aug 27 13:38 (:0.0)
3 jsroot ~ # who am i
eden-hda7.my.local!root pts/3 Aug 27 13:38 (:0.0)
Just in case you are wondering exactly how to duplicate this, here
is how.
I initially logged in via xdm as user `jeff', then I started
an xterm on `pts/2', then I executed `exec login jsroot',
which updated utmp for `pts/2' as user `jsroot'. Then I
executed `xterm' from `jsroot' on `pts/2', which started on
`pts/3', from which I copied the above typescript.
Also, I get the same reported behavior from xterm when I just
login as user `jsroot' via xdm.
Note that I get the same behavior from xterm regardless of whether
its `loginShell' resource is true or false.
Thanks,
--
Jeff Sheinberg <[email protected]>
-- System Information
Debian Release: 2.2
Kernel Version: Linux eden-hda7.my.local 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown
Versions of the packages xterm depends on:
ii libc6 2.1.3-10 GNU C Library: Shared libraries and Timezone
ii libncurses5 5.0-6 Shared libraries for terminal handling
ii xlib6g 3.3.6-10 shared libraries required by X clients
--- Begin /etc/X11/Xresources/xterm (modified conffile)
! /etc/X11/Xresources/xterm
! Uncomment the following lines to make xterm appear much like a virtual
! console, so that ANSI colors will make more sense.
! XTerm*background: black
! XTerm*foreground: gray90
! DEC VT series terminal emulators (like xterm) must generate VT220-compliant
! sequences for the backspace and delete keys per the Debian Policy Manual;
! this provides compatibility with the Linux console. Also, work around an
! apparent bug in the default translations for the home and end keys in
! xterm. Note that this resource specification affects all programs with a
! "vt100" widget in their resource class hierarchy, and that these
! translation overrides do not apply if one of the listed modifier keys is
! pressed (e.g., what shift-backspace does depends on the program in question).
! Note - These resources are also loaded from the ~/.Xresources file,
! therefore, all upstream changes need to be copied from this
! file /etc/X11/Xresources/xterm into your ~/.Xresources file.
*VT100.Translations: #override ~Shift ~Ctrl ~Meta <Key>BackSpace: string("\177")\n\
~Shift ~Ctrl ~Meta <Key>Delete: string("\033[3~")\n\
~Shift ~Ctrl ~Meta <Key>Home: string("\033[1~")\n\
~Shift ~Ctrl ~Meta <Key>End: string("\033[4~")
! /etc/X11/Xresources/xterm - end of file.
--- End /etc/X11/Xresources/xterm
Closing this bug per this information from the upstream author.
----- Forwarded message from Thomas Dickey <[email protected]> -----
From: Thomas Dickey <[email protected]>
To: Branden Robinson <[email protected]>
Subject: bug report 70084 (xterm)
Date: Thu, 28 Dec 2000 20:01:14 -0500
Delivered-To: [email protected]
Delivered-To: [email protected]
Message-ID: <[email protected]>
Reply-To: [email protected]
User-Agent: Mutt/1.2.5i
I don't think we can make this guy happy - xterm's using getpwuid() to get
an entry from the passwd file, so it will always get the same result (probably
the first one). I considered making xterm check to see if the current value
of $LOGNAME is consistent, and allow it to select a closer match, but see
a problem: different lines in the passwd file can have different shells
and different home directories. Some people would consider that a security
issue, since it leaves control over which entry is selected up to the user,
who can set $LOGNAME.
--
Thomas E. Dickey <[email protected]>
http://dickey.his.comftp://dickey.his.com
----- End forwarded message -----
--
G. Branden Robinson | It was a typical net.exercise -- a
Debian GNU/Linux | screaming mob pounding on a greasy spot
[email protected] | on the pavement, where used to lie the
http://deadbeast.net/~branden/ | carcass of a dead horse.
Debian Bug Tracking System writes:
> ----- Forwarded message from Thomas Dickey <[email protected]> -----
>
> From: Thomas Dickey <[email protected]>
> To: Branden Robinson <[email protected]>
> Subject: bug report 70084 (xterm)
> Date: Thu, 28 Dec 2000 20:01:14 -0500
> Delivered-To: [email protected]
> Delivered-To: [email protected]
> Message-ID: <[email protected]>
> Reply-To: [email protected]
> User-Agent: Mutt/1.2.5i
>
> I don't think we can make this guy happy - xterm's using getpwuid() to get
^^^^^^^^^^^^^^^^^^^^^^^^^^
> an entry from the passwd file, so it will always get the same result (proba=
> bly
> the first one). I considered making xterm check to see if the current value
> of $LOGNAME is consistent, and allow it to select a closer match, but see
> a problem: different lines in the passwd file can have different shells
> and different home directories. Some people would consider that a security
> issue, since it leaves control over which entry is selected up to the user,
> who can set $LOGNAME.
Hi Branden,
It's very easy to make me happy - don't try to re-invent the
wheel, just follow the established standards.
See Stevens, APUE, p. 232, regarding getlogin(3), and susv2, XSH,
`getlogin.html'.
Thanks,
--
Jeff Sheinberg <[email protected]>
Acknowledgement sent to [email protected] (Branden Robinson):
Extra info received and filed, but not forwarded.
(full text, mbox, link).
----- Forwarded message from Thomas Dickey <[email protected]> -----
From: Thomas Dickey <[email protected]>
To: Branden Robinson <[email protected]>
Subject: Re: [[email protected]: Bug#70084: acknowledged by developer ([[email protected]: bug report 70084 (xterm)])]
Date: Sat, 30 Dec 2000 18:48:39 -0500
Delivered-To: [email protected]
Delivered-To: [email protected]
Message-ID: <[email protected]>
Reply-To: [email protected]
User-Agent: Mutt/1.2.5i
In-Reply-To: <[email protected]>; from [email protected] on Sat, Dec 30, 2000 at 06:11:57PM -0500
sure - I can experiment with getlogin(). however, see the comment
in getlogin's manpage:
BUGS
Unfortunately, it is often rather easy to fool getlogin().
Sometimes it does not work at all, because some program
messed up the utmp file. Often, it gives only the first 8
characters of the login name. The user currently logged in
on the controlling tty of our program need not be the user
who started it.
Nobody knows precisely what cuserid() does - avoid it in
portable programs - avoid it altogether - use getp-
wuid(geteuid()) instead, if that is what you meant. DO NOT
USE cuserid().
(so I could only use it as supporting info - I'm not sure that it improves
matters immensely, though since utmp _is_ based on names, it is a little
better than $LOGNAME).
On Sat, Dec 30, 2000 at 06:11:57PM -0500, Branden Robinson wrote:
> ----- Forwarded message from Jeff Sheinberg <[email protected]> -----
>
> From: Jeff Sheinberg <[email protected]>
> To: [email protected]
> Subject: Bug#70084: acknowledged by developer ([[email protected]: bug report 70084 (xterm)])
> Date: Sat, 30 Dec 2000 17:22:51 -0500 (EST)
> Delivered-To: [email protected]
> Delivered-To: [email protected]
> Reply-To: Jeff Sheinberg <[email protected]>, [email protected]
> Resent-From: Jeff Sheinberg <[email protected]>
> Resent-To: [email protected]
> Resent-Cc: Branden Robinson <[email protected]>
> Resent-Date: Sat, 30 Dec 2000 23:04:03 GMT
> Resent-Message-ID: <[email protected]>
> Resent-Sender: [email protected]
> X-Debian-PR-Message: report 70084
> X-Debian-PR-Package: xterm
> X-Debian-PR-Keywords:
> X-Loop: [email protected]
> Message-ID: <[email protected]>
> In-Reply-To: <[email protected]>
> X-Mailer: VM 6.75 under Emacs 19.34.1
> Delivered-To: [email protected]
>
> Debian Bug Tracking System writes:
> > ----- Forwarded message from Thomas Dickey <[email protected]> -----
> >
> > From: Thomas Dickey <[email protected]>
> > To: Branden Robinson <[email protected]>
> > Subject: bug report 70084 (xterm)
> > Date: Thu, 28 Dec 2000 20:01:14 -0500
> > Delivered-To: [email protected]
> > Delivered-To: [email protected]
> > Message-ID: <[email protected]>
> > Reply-To: [email protected]
> > User-Agent: Mutt/1.2.5i
> >
> > I don't think we can make this guy happy - xterm's using getpwuid() to get
> ^^^^^^^^^^^^^^^^^^^^^^^^^^
> > an entry from the passwd file, so it will always get the same result (proba=
> > bly
> > the first one). I considered making xterm check to see if the current value
> > of $LOGNAME is consistent, and allow it to select a closer match, but see
> > a problem: different lines in the passwd file can have different shells
> > and different home directories. Some people would consider that a security
> > issue, since it leaves control over which entry is selected up to the user,
> > who can set $LOGNAME.
>
> Hi Branden,
>
> It's very easy to make me happy - don't try to re-invent the
> wheel, just follow the established standards.
>
> See Stevens, APUE, p. 232, regarding getlogin(3), and susv2, XSH,
> `getlogin.html'.
>
> Thanks,
> --
> Jeff Sheinberg <[email protected]>
>
>
>
>
> ----- End forwarded message -----
>
> --
> G. Branden Robinson | Men use thought only to justify their
> Debian GNU/Linux | wrong doings, and speech only to conceal
> [email protected] | their thoughts.
> http://deadbeast.net/~branden/ | -- Voltaire
--
Thomas E. Dickey <[email protected]>
http://dickey.his.comftp://dickey.his.com
----- End forwarded message -----
--
G. Branden Robinson | I just wanted to see what it looked like
Debian GNU/Linux | in a spotlight.
[email protected] | -- Jim Morrison
http://deadbeast.net/~branden/ |