I think I understand the problem. Dimitry, please correct me if I'm
wrong.
Indeed it is not possible to do what we're trying to do Conrad, because
what we want to do is change the `utmp` file from the position of any
old program running on a terminal. This is a security problem because it
allows unprivileged users to modify the file for terminals they do not
own.
`utempter` is not meant to be *called* as a utility on the command line,
it's meant to be used from within a terminal emulator, when they
*create* the /dev/pts/X file, they will be handed a file descriptor
pointing to the master. `utempter` is supposed to be used by calling the
helper function with *that* file descriptor.
So TL;DR, what we're trying to do is simply unsafe. We shouldn't be able
to do it.
That said, does anyone know if there are bigger security holes opened up
by this? How much of a problem is it if someone spoofs a `utmp` entry?
Why should I care?
--Taeer
Excerpts from Conrad Hughes's message of February 20, 2020 2:46 am:
Hi Dmitry,
Thanks for getting back to me. Unfortunately I remember little of what
I learned while digging into this two years ago, so I don't know how to
recognise a properly configured pseudo-terminal master device or a
mis-configured operating system with a broken ptsname: I'm just running
Debian 10.3 with Gnome/Wayland.
All I was after was a program that could wrap gnome-terminal's shell
invocations, and add them to utmp, so:
utmp_wrap /bin/bash -l
would use libutempter to create a utmp entry for each terminal window.
I attach example source that fails with libutempter as released, but
succeeds if it's patched as suggested above.
Are you saying that what I'm after is impossible because of security
concerns, or can you please suggest a means to make it work?
Best regards,
Conrad
