NetBSD Problem Report #46774
From www@NetBSD.org Mon Aug 6 08:05:43 2012
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
by www.NetBSD.org (Postfix) with ESMTP id 1776263B882
for <gnats-bugs@gnats.NetBSD.org>; Mon, 6 Aug 2012 08:05:43 +0000 (UTC)
Message-Id: <20120806080542.352B463B85F@www.NetBSD.org>
Date: Mon, 6 Aug 2012 08:05:42 +0000 (UTC)
From: andrews@sdf.lonestar.org
Reply-To: andrews@sdf.lonestar.org
To: gnats-bugs@NetBSD.org
Subject: Root access without even trying / pkgsrc xdm 1.1.11nb1 badly broken
X-Send-Pr-Version: www-1.0
>Number: 46774
>Category: pkg
>Synopsis: Root access without even trying / pkgsrc xdm 1.1.11nb1 badly broken
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: pkg-manager
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Aug 06 08:10:00 +0000 2012
>Closed-Date: Wed Feb 22 23:24:20 +0000 2023
>Last-Modified: Wed Feb 22 23:24:20 +0000 2023
>Originator: Andrew Smallshaw
>Release: 5.1 release
>Organization:
>Environment:
NetBSD n1a 5.1 NetBSD 5.1 (GENERIC) #1: Mon Feb 20 19:25:38 GMT 2012 root@furble:/usr/src/sys/arch/i386/compile/GENERIC i386
>Description:
xdm 1.1.11nb1 is sufficiently badly broken that it's actually difficult to say precisely what's up with it. However the symptoms are:
- Xsetup scripts do not appear to be called regardless of what is stated in xdm-config.
- A script also seems to be missing immediately after user login. Basic variables such as PATH are not set to sane initial values.
- No user change takes effect. xdm accepts username and password then invokes user's .xsession AS ROOT. Any xterms or similar opened up in the following X session are in fact root prompts.
Obviously it is that last one that has the security implications, which is why I have categorized this as critical, but I strongly suspect there is some other underlying root cause of all these issues.
>How-To-Repeat:
Try building and using xdm from a current pkgsrc of a recent stable release.
>Fix:
Not really a fix but highly effective: roll back to 1.1.9nb1 as the last known good version:
cd /usr/pkgsrc/x11/xdm
cvs update -rpkgsrc-2010Q1
It seems that there are few enough dependencies that mixing up versions like this causes no big issue.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: security-officer->bjs
Responsible-Changed-By: jnemeth@NetBSD.org
Responsible-Changed-When: Mon, 06 Aug 2012 17:13:31 +0000
Responsible-Changed-Why:
Package was miscategorised. security is for problems with things in base.
Change category to pkg and assign to MAINTAINER.
From: "OBATA Akio" <obache@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: pkg/46774 (Root access without even trying / pkgsrc xdm 1.1.11nb1 badly broken)
Date: Tue, 07 Aug 2012 21:17:29 +0900
1. install x11/xdm with X11_TYPE=modular
2. /usr/pkg/share/example/rc.d/xdm onestart with `root' user.
3. login my user and password via XDM
4. cat ~/.xsession
xterm&
exec twm
5. prompt of xterm is mine
Please let me know how to reproduce your problem.
--
OBATA Akio / obache@NetBSD.org
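A defender-side check for the symptom this PR reports (session programs started from ~/.xsession running as root rather than as the user who logged in through xdm), as an added example that is not part of the report or of pkgsrc. It assumes process listings in the form produced by `ps -axo user,pid,comm` and runs over constructed sample lines:

```shell
#!/bin/sh
# Added example, not from the PR: flag X session processes (xterm, twm, as in
# the reproduction steps above) that are not owned by the user who logged in.
# xdm itself legitimately runs as root and is not a session program, so it is
# not matched.
#
# Usage: check_session_owner LOGIN_USER  < output of `ps -axo user,pid,comm`
# Prints one line per offending process; exit status 1 if any were found.
check_session_owner() {
    login_user=$1
    awk -v u="$login_user" '
        NR == 1 { next }                       # skip the ps header line
        $3 ~ /^(xterm|twm)$/ && $1 != u {
            print "session process not owned by " u ": " $0
            bad = 1
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample listing mimicking the broken xdm 1.1.11nb1 behaviour:
# the user's ~/.xsession was run as root, so xterm and twm are root-owned.
SAMPLE_BAD='USER PID COMMAND
root 312 xdm
root 401 sh
root 402 xterm
root 403 twm'

# Constructed sample listing of a healthy session for user "andrew".
SAMPLE_GOOD='USER PID COMMAND
root 312 xdm
andrew 401 sh
andrew 402 xterm
andrew 403 twm'

# On a live system: ps -axo user,pid,comm | check_session_owner "$USER"
printf '%s\n' "$SAMPLE_BAD" | check_session_owner andrew || echo "privilege drop missing"
```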
Responsible-Changed-From-To: bjs->pkg-manager
Responsible-Changed-By: dholland@NetBSD.org
Responsible-Changed-When: Sun, 20 Jan 2019 07:38:54 +0000
Responsible-Changed-Why:
Reset responsible field for retired developer.
State-Changed-From-To: open->closed
State-Changed-By: gutteridge@NetBSD.org
State-Changed-When: Wed, 22 Feb 2023 23:24:20 +0000
State-Changed-Why:
Stale bug from over a decade ago, with questions asked with no reply. If this is still an issue, we can re-open.
>Unformatted: