NetBSD Problem Report #46774

From  Mon Aug  6 08:05:43 2012
Return-Path: <>
Received: from ( [])
	by (Postfix) with ESMTP id 1776263B882
	for <>; Mon,  6 Aug 2012 08:05:43 +0000 (UTC)
Message-Id: <>
Date: Mon,  6 Aug 2012 08:05:42 +0000 (UTC)
Subject: Root access without even trying / pkgsrc xdm 1.1.11nb1 badly broken
X-Send-Pr-Version: www-1.0

>Number:         46774
>Category:       pkg
>Synopsis:       Root access without even trying / pkgsrc xdm 1.1.11nb1 badly broken
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Aug 06 08:10:00 +0000 2012
>Last-Modified:  Sun Jan 20 07:38:54 +0000 2019
>Originator:     Andrew Smallshaw
>Release:        5.1 release
NetBSD n1a 5.1 NetBSD 5.1 (GENERIC) #1: Mon Feb 20 19:25:38 GMT 2012  root@furble:/usr/src/sys/arch/i386/compile/GENERIC i386
xdm 1.1.11nb1 is sufficiently badly broken that it's actually difficult to say precisely what's up with it.  However the symptoms are:

- Xsetup scripts do not appear the be called regardless of what is stated in xdm-config.

- A script also seems to be missing immediately after user login.  Basic variables such as PATH are not set to sane initial values.

- No user change takes effect.  xdm accepts username and password then invokes user's .xsession AS ROOT.  Any xterms or similar opened up in the following X session are in fact root prompts.

Obviously it is that last one that has the security implications which is why I have categorized this as critical, but it I strongly suspect there is some other underlying root cause of all these issues.
Try building and using xdm from a current pkgsrc of a recent stable release.
Not really a fix but highly effective: roll back to 1.1.9nb1 as the last known good version:

cd /usr/pkgsrc/x11/xdm
cvs update -rpkgsrc-2010Q1

It seems that there are few enough dependencies mixing up versions like this causes no big issue.



Responsible-Changed-From-To: security-officer->bjs
Responsible-Changed-When: Mon, 06 Aug 2012 17:13:31 +0000
Package was miscategorised.  security is for problems with things in base.
Change category to pkg and assign to MAINTAINER.

From: "OBATA Akio" <>
Subject: Re: pkg/46774 (Root access without even trying / pkgsrc xdm 1.1.11nb1
 badly broken)
Date: Tue, 07 Aug 2012 21:17:29 +0900

 1. install x11/xdm with X11_TYPE=modular
 2. /usr/pkg/share/example/rc.d/xdm onestart with `root' user.
 3. login my user and password via XDM
 4. cat ~/.xsession
     exec twm
 5. prompt of xterm is mine

 Please let me know how to reproduce your problem.

 OBATA Akio /

Responsible-Changed-From-To: bjs->pkg-manager
Responsible-Changed-When: Sun, 20 Jan 2019 07:38:54 +0000
Reset responsible field for retired developer.


NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD:,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.