Bugtraq mailing list archives
Re: AIX rlogind
From: casper () fwi uva nl (Casper Dik)
Date: Tue, 24 May 94 10:54:33 +0200
the reason some ports of shadow are `bad' and some aren't is directly related to how the getopt(3) routine works on that os. if it allows "-froot" to mean the same as "-f root", then it's going to be ``buggy''.i would have sworn that POSIX defines that as correct behaviour for getopt().Then either (a) login shouldn't use getopt(), (b) all programs that call login should check what they pass for sanity (effectively, reimplement login's argument parsing themselves), or (c) an option should be defined for login that says "the next argument is a username regardless of what it looks like".
The problem is not so much using getopt. It's using f: for an option that doesn't expect an argument. The AIX and shadow 3.x login program used getopt(, "f:h:") instead of getopt(, "fh:)". Instead of the normal login usage of: login [-r host] [ -h host ] [-p] [-f] [username] they implemented login [-r host] [ -h host ] [-p] [-f username] [username]
Personally, I prefer option (c), though if I were to write a login, it would also take tack (a) because I never use getopt.
You can also modify rlogind and telnetd to pass the end of options string "--" before the username, though this requires a login that uses getopt. Casper
Current thread:
- Aix rlogind THOMAS P. WALPOLE (May 20)
- Re: Aix rlogind Wietse Venema (May 21)
- <Possible follow-ups>
- Re: Aix rlogind der Mouse (May 21)
- Re: AIX rlogind Jim Thompson (May 22)
- Re: AIX rlogind der Mouse (May 23)
- Re: AIX rlogind Casper Dik (May 24)