From aangel@haknich.ugc.net Tue Jun 13 03:08:49 2000 Return-Path: Received: from haknich.ugc.net (c433473-b.adrian1.mi.home.com [24.15.3.95]) by hub.freebsd.org (Postfix) with ESMTP id 8AEB537B9D5 for ; Tue, 13 Jun 2000 03:08:48 -0700 (PDT) (envelope-from aangel@haknich.ugc.net) Received: (from aangel@localhost) by adrian.mi.haknich.ugc.net (8.9.3/8.9.3) id NAA04018; Sat, 10 Jun 2000 13:16:13 -0400 (EDT) (envelope-from aangel) Message-Id: <200006101716.NAA04018@adrian.mi.haknich.ugc.net> Date: Sat, 10 Jun 2000 13:16:13 -0400 (EDT) From: User Aangel Reply-To: aangel@haknich.ugc.net To: FreeBSD-gnats-submit@freebsd.org Subject: login allows users to login remotely without showing from host X-Send-Pr-Version: 3.2 >Number: 19239 >Category: bin >Synopsis: login allows users to login remotely without showing from host >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jun 13 03:10:03 PDT 2000 >Closed-Date: Sun Jul 07 09:28:05 PDT 2002 >Last-Modified: Sun Jul 07 09:28:05 PDT 2002 >Originator: User & >Release: FreeBSD 4.0-RELEASE i386 >Organization: Hcom >Environment: User is logged in remotely. >Description: User may run the 'login' program an re-log into the system and appear as a local user. >How-To-Repeat: Login remotely (ssh, telnet, etc.). Run 'login'. Login again. (ie): bash-2.03$ who am i aangel ttyp1 Jun 10 13:12 (localhost) bash-2.03$ login login: aangel Password: bash-2.03$ who am i aangel ttyp1 Jun 10 13:12 bash-2.03$ >Fix: add code to check if user is logged in remotely and keep current host *or* prohibit users from running 'login' from a logged terminal. >Release-Note: >Audit-Trail: Responsible-Changed-From-To: gnats-admin->freebsd-bugs Responsible-Changed-By: phantom Responsible-Changed-When: Sat Jul 8 07:09:06 PDT 2000 Responsible-Changed-Why: Misfiled PR http://www.freebsd.org/cgi/query-pr.cgi?pr=19239 State-Changed-From-To: open->closed State-Changed-By: jon State-Changed-When: Sun Jul 7 09:27:29 PDT 2002 State-Changed-Why: duplicate PR, see bin/5483 http://www.freebsd.org/cgi/query-pr.cgi?pr=19239 >Unformatted: