[Bug 233578] Unprivileged local user can prevent other users logging in by locking utx.active
Date: Thu, 06 Feb 2025 15:21:54 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233578

Dan Cross <cross@gajendra.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |cross@gajendra.net

--- Comment #10 from Dan Cross <cross@gajendra.net> ---
This has come up for me recently, on a multiuser system where (by design) not all of the accounts are completely trusted. Unprivileged users preventing logins is unacceptable, but it would be a shame to de-permit access to utx.active, thus making programs like `finger`, `w`, or `who` or other consumers of the `getutxent` interface uninteresting. The proposal in #4 seems reasonable; is there any chance this could be applied any time soonish?

Btw, looking at the code in `pututxline`, the algorithm for updating lastlog appears to be linear in the number of users on the system. We've got tens of thousands of users, making this very slow; other systems use the uid as an index into that file (which may be sparse as a result, but that's ok). Would it be possible to do that here?

Also, we used to have a program that (effectively) tail -f'ed the wtmp file and would print out a message when someone in a user-selectable list logged in or out; our users enjoyed that. But there's no way to accommodate that in the current framework, which is a shame. Part of this is due to the data format being opaque, and part of it is inadequacies in the API (there's no way to use e.g., `setutxdb` and then seek to the end of a file). It's a bit of a shame.

--
You are receiving this mail because:
You are the assignee for the bug.
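
The uid-indexed layout mentioned in comment #10, as an added example that is not part of the original message and is not FreeBSD's code. The record layout and the names `ll_rec`, `ll_put` and `ll_get` are hypothetical; each uid owns one fixed-size slot, so an update is a single write at `uid * sizeof(record)` and unused uids remain holes in a sparse file.

```c
/* Added example; record layout and names are hypothetical, not FreeBSD's format. */
#define _XOPEN_SOURCE 700
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

struct ll_rec {                /* fixed-size slot, one per uid */
    int64_t login_time;        /* seconds since the epoch; 0 = never logged in */
    char    line[16];          /* terminal name, NUL-padded */
    char    host[40];          /* remote host, NUL-padded */
};

/* Write uid's record into its own slot: one pwrite, no scan of other users. */
int ll_put(int fd, uid_t uid, int64_t when, const char *line, const char *host)
{
    struct ll_rec r;
    memset(&r, 0, sizeof r);
    r.login_time = when;
    strncpy(r.line, line, sizeof r.line - 1);
    strncpy(r.host, host, sizeof r.host - 1);
    off_t off = (off_t)uid * (off_t)sizeof r;
    return pwrite(fd, &r, sizeof r, off) == (ssize_t)sizeof r ? 0 : -1;
}

/* Read uid's record: 1 = found, 0 = never logged in (slot past EOF, or in a
 * hole of the sparse file, which reads back as zeros), -1 = I/O error. */
int ll_get(int fd, uid_t uid, struct ll_rec *out)
{
    ssize_t n = pread(fd, out, sizeof *out, (off_t)uid * (off_t)sizeof *out);
    if (n < 0)
        return -1;
    return (n == (ssize_t)sizeof *out && out->login_time != 0) ? 1 : 0;
}

int main(void)
{
    char path[] = "/tmp/lastlog-demo.XXXXXX";    /* constructed scratch file */
    struct ll_rec r;
    int fd = mkstemp(path);
    if (fd < 0 || ll_put(fd, 50000, 1700000000, "pts/3", "host.example") != 0)
        return 1;
    int hit = ll_get(fd, 50000, &r), miss = ll_get(fd, 1001, &r);
    printf("uid 50000 found=%d, uid 1001 found=%d\n", hit, miss);
    close(fd);
    unlink(path);
    return 0;
}
```

With 64-byte slots the file's apparent size is bounded by the highest uid that has logged in, while the blocks actually allocated track only the uids that have records.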