History for getty_ps. Christine Jamison getty-info@nwmagic.net ------------------------------------------------------------------ ------------------------- Fri Apr 16 16:00:00 2004 ------------------------- released getty 2.1.0b full source release available at ftp.nwmagic.net Release synopsis: This release is an emergency patch release, to patch a security problem reported by various organizations. Reported Problems with previous release: Security vulnerability, CERT VU#342768; also reported as SecurityFocus BID #2194, and CVE-2001-0119. The problem occurs *ONLY* when getty_ps (getty or uugetty) is put in "debug work file mode" (either "#define SYSLOG" or "#define SYSL_DEBUG" is *NOT* present, and Debug > 0), which should *NEVER* be done in production! Current versions (2.0.8 and above) come with getty/uugetty *not* configured this way by default. However, if it *should* get configured this way inadvertantly, then this security bug would come out. The details of the bug are as follows: Because getty/uugetty does not check for the existence of the debug workfile, when in "debug work file mode" (a mode *quite* handy for tracking down flaky getty bugs!) before writing to it, it is subject to a symlink attack. A symlink attack is possible, because this debug file is put in the "/tmp" directory, which has univeral access, and the debug file name is easily guessable. Simply put, a symlink attack occurs when a "bad" person with access to the system puts a symbolic link to a system file in the "/tmp" directory with the name of this debug file! Now, when someone logins in and uses the debg file, the file that is *actually* written to is the file pointed to by the symlink! Because getty/uugetty is run as root, there is nothing to stop getty/uugetty from writing to any file in the system! This could have significant security implications! Furthermore, having the debug work file erased if it exists before opening it and writing to it circumvents the entire purpose of the file! The *good* news is that this should *NEVER* happen in production! Anyone who distributes a copy of getty/ugetty with it configured in this manner needs their head examined! However, it *is* possible to do so, so I have addressed the issue - henceforth, the patch of code that activates "debug file mode" will be disabled with an "#if 0", making it impossible to have this security bug in the future, using the normal configuration proceedures. That way, I can still use it, should a pesky getty/uugetty bug get inadvertantly introduced during development in the future. New features added in this release are: None. Fixes in this release are: 1. Security fix for above referenced reports. ------------------------- Fri Sep 27 07:15:00 2002 ------------------------- released getty 2.1.0(a) full source release available at ftp.nwmagic.net Release synopsis: This release is yet another maintenance release, but I have changed the version # to 2.1.x, as this is now glibc2 compatible. (I just got my Slackware 8.0 server running!) I did not realize just how much the library routines had changed over the years, but I'll be on top of it from now on... Also, I did not *realize* how much improvement has been done to *login* programs in the last few years.... I'm running to catch up! Reported Problems with previous release: None. Fixes in this release are: 1. Added support for glibc2 libraries (but, I *did* leave the old library code in there, just in case some one out there is running with old libraries... See the LIBRARIES definition.); 2. Merge OLD_UTMP and new LIBRARIES definitions (we *really* need only one, after all); 3. Clean up variables (makes searches easier...); 4. Continue changing the style of some of the comments; 5. Fix the segmentation fault that occured when the @V Prompt Substitution; 6. Fix the way that the @V Prompt Substitution was processed (if VERSION was set in the "getty" config file, is was assumed to be text string, and the test to see if it was a file was skipped); 7. Fix the parsing routine for the config file to work correctly *all* the time (was causing TimeOut to not be set correctly intermittently); 8. Change the rules for re-prompting for a login vs. exiting the program and starting over (which resets the TimeOut timer, BTW); 9. Check the uppercase logic. While getty sets the stty parameters correctly, Linux does not correctly process this at the shell; 10. Fixed problem requiring a blank line in "gettydefs" between each entry (this was a left over from an *ancient* patch made to upgrade from some *really* old lib's); 11. Start adding a common header to all source files. New features added in this release are: 1. Change the way the login timer works (you now have TimeOut seconds to complete the login, after entering the login name the first time); 2. Added several new Prompt Substitutions (@F @M @O @R @u); 3. Efax-0.9 is now supported. (Although you *do* need to replace the spooler to make efax work reliably. But that is *certainly* out of the scope of this document!) Please See the README.uugetty file for further information. 4. Major update to the getty man pages; 5. Modify make install to install the man pages. Plans for Next Release (2.1.1): 1. Change the way login timer works (start timer after the first keystroke); 2. Add user-supplied patch for really old (1990) modem; 3. Modify Make to install the files in Examples, for any file that is not present; 4. More code cleanups. ------------------------- Mon Jun 10 20:25:00 2002 ------------------------- released getty 2.0.8 full source release available at ftp.nwmagic.net READ ALL THE RELEASE NOTES! THE ONES PRIOR TO THIS UNTIL 2.0.7d ARE "UNOFFICIAL" RELEASES!! Release synopsis: This release is a maintenance release. If you are using 2.0.7i or 2.0.7j, this release is *MANDATORY*!! There were bugs introduced in 2.0.7i, which this release fixes. Also, as the lowest non-EC speed is 1200 baud, 1200 baud has been re-established in this release. (And, I left 4800 baud in, even though it's not referenced in /etc/gettydefs and I can't see *any* use for it.... ONCE, I used 4800 baud on a dumb VDT, when the serial cable was over 700 feet!) Reported Problems with previous release: Lots of little, intermittent bugs. The fixes in this release are: 1. Change the ownership of the port while logging in with uugetty (This removes the need for the "cua?" alternate port for modems; but, the code to support the alternate port is still here); 2. Add a "sleep(7)" beween each of the 3 tries (from 2.0.7i) when the port is busy on initial open, so that getty and uugetty will not start and stop so frequently that init disables it (for 5 mins, typically); 3. Change *when* the 10-second elapsed-time timer is started and stopped (this bug had the *wonderful* side-effect of disabling the WAITCHAR option); 4. Change the style of some of the comments; 5. Add back in 1200 baud as a valid option (the highest common non-ECC speed); 6. Explicitly force the DTR signal to drop (by closing the stdin, stdout, and stderr and then doing a sleep(1)), so that modems will hang up (which on most modems does a reset), as they should when the (uu)getty is killed, or the process logs out. Plans for Next Release (2.0.9): more code cleanups ------------------------- Fri Feb 21 1997 ------------------------- released getty 2.0.7j Release synopsis: If you're using 28.8 modems or faster for dialins, you probably want to upgrade. This release is happening only because of an unbearable number of pleas from Usenet. Please read the Serial-HOWTO before you post questions in the comp.os.linux.* and linux.dev.* groups. uugetty and getty should now accept 57600, 115200 and 230400 as valid speeds. Hopefully this will keep us going for six months until we need to up them again. This release DOES NOT support speeds lower than 2400! If you're trying to use adaptive answer with Hylafax's faxgetty, you should use agetty which will accept a connection from stdin. No support for this release. Sho Nakagama bbs.fdu.edu ------------------------- Sun Apr 28 15:00:00 1996 ------------------------- released getty 2.0.7i Release synopsis: If you're using 'uugetty' for dial-in's, you should upgrade to this release. uugetty sometimes hangs while trying to open() a modem port. The last line from /usr/adm/debug will look like ... "... D_INIT: opening line /dev/ttyS1" This release fixed the above problem so that failure to open the "tty" after 3 attempts will terminate the program so that init can restart another uugetty, rather than hanging forever! Jeff Chua jchua@fedex.com April 28 96 ------------------------- Date Unknown ------------------------- released getty 2.0.7h Release synopsis: This release fixes a bug that I saw a long time ago, but it went away . . . until now (while upgrading to 1.3.xx kernel). The problem shows up as a segmentation fault if the term type is not specified for a getty or uugetty process. I have not been specifying the terminal type for serial lines in my /etc/inittab file. For example, I have # Serial lines s0:5:respawn:/sbin/uugetty ttyS0 38400 as opposed to # Serial lines s0:5:respawn:/sbin/uugetty ttyS0 38400 vt100 In my case, uugetty would default to a term type of 'unknown' and would never initialize its clear screen variable (clrscr), causing a segmentation fault every time the login process began. A minor fix, so it should work either way now. Mike Blatchley Mike_Blatchley@maxtor.com ------------------------- Date Unknown ------------------------- released getty 2.0.7g Release synopsis: This releases is a minor modification of the 2.0.7f `release'. The main problem with 2.0.7f is that some files are missing which are necessary for the compilation. 2.0.7g contains the missing files (uufuncs.* and utmp2.c which can be obtained from the getty_ps-2.0.7e and the agetty-1.9.1a packages). I also fixed two bugs. Getty now should work even if there is no utmp entry for the line on startup. The other bug I fixed is not really a bug, only a necessary change to make callout programs work together with getty (and its WAITFOR option) on future kernels. The problem is that POSIX allows to implicitly vhangup() a terminal when the session leader of the terminal exits. With the WAITFOR or WAITCHAR option getty waits for a character on its standard input. When a character arrives it checks for logs on the line and if it finds one, it exits. But this exit may vhangup() the callout program which locked the device. To prevent this, in this version getty drops its controlling terminal before exiting. In this version getty does a chmod(devname, 0600) before it opens and vhangups the terminal. Note that at present it seems that there is not maintainer for getty_ps. The original maintainer no longer works on it. I do not maintain it either. If you would like to become a maintainer, please contact Kris Gleason , but do not mention getty in the subject since Kris has a mail robot which drops these messages. In this package I included precompiled elf binaries. a.out binaries dynamically linked with libc.so.4.5.26 are also available, just unpack the aout-bins.tgz archive. Zoltan Hidvegi hzoli@cs.elte.hu ------------------------- Date Unknown ------------------------- released getty 2.0.7f Release synopsis: The current getty's under Linux change the 2-character vector ut_id to be the first 2 characters of the line. This causes problems for 3-character names of ports such as ttyS20 because ttyS20, ttyS21, etc all get the same abbreviation. In addition, the utmp2.c file as distributed keys off ut_id to determine which utmp entry to replace in "setutent", so changing the ut_id field confuses setutent. These problems lead to only one such terminal being seen from "who", "finger", "talk", etc, as well as infinite growth of /etc/utmp. Init sets up ut_id from the 2-character key at the front of each line of the /etc/inittab file, and the mods to getty_ps in this directory cause it to leave that key untouched. The mods to getty_ps in this directory appear to fix the problems mentioned above. The following output of /usr/src/init/dump < /etc/utmp shows correct utmp entries generated by a fixed agetty (for tty2-tty6) and incorrect entries generated by a broken uugetty (ttyC* and tty1): Utmp dump of stdin [5] [22634] [c1] Jul 27 13:32:59 [6] [22588] [c2] tty2 Jul 27 13:27:25 [6] [22589] [c3] tty3 Jul 27 13:27:29 [7] [22317] [c5] alan tty5 Jul 27 13:16:58 [6] [22718] [c4] tty4 Jul 27 13:43:25 [6] [22593] [c6] tty6 Jul 27 13:27:41 [5] [22724] [t8] Jul 27 13:43:36 [6] [22724] [ ] ttyC14 Jul 27 13:43:37 [0] [00000] [ ] Dec 31 17:00:00 [0] [00000] [ ] Dec 31 17:00:00 [0] [00000] [ ] Dec 31 17:00:00 [0] [00000] [ ] Dec 31 17:00:00 [0] [00000] [ ] Dec 31 17:00:00 [6] [22634] [1 ] tty1 Jul 27 13:33:00 This is showing alan logged in on tty5, with tty2, tty3, tty4, and tty6 waiting in agetty. The [5]'s are in init, [6]'s are getty/login, [7]'s are user processes, and [0]'s are free entries. It should be unusual to see a process in init if the terminal is enabled. The duplicate entries for pid's 22634 and 22724 for ttyC14 are caused by the broken gettys. Note that utmp seems to be growing, in that there are 5 empty entries but tty1's entry got stuck at the end of the file. The released utmp2.c, in setutent, fails to find the entry for tty1 (because its searching for "1 " and the original entry was "c1") and so it adds another entry at the end of the file. Because pty's won't have unique ut_id's either, the regular utmp code won't work for them. I've added a "rewriteutent" call which just overwrites the last entry returned by getutent. This eliminates the sequential search that setutent was performing to match ut_id, so performance should be improved as well as reliability. Alan Wendt alan@ezlink.com ------------------------- Tue May 17 01:25:09 1994 ------------------------- released getty 2.0.7d full source release available at tsx-11.mit.edu and sunsite.unc.edu Reported Problems with previous release: none worth mentioning Changes for this release: cleaned up SCHED code a bit, other minor cleanups added a macro for alarm() and signal() that produces debugging output each time these are called added proper support for FIDO calls Plans for Next Major Release (2.0.8): more major code cleanups Fax receive major rewrite of chat sequence handling to facilitate creeping featurism Callback [not ringback] support major rewrite of defaults file and gettydefs file processing utmp/wtmp logging of fax receives and fido calls proper ownerships and modes for tty lines (configurable?) ------------------------- Sun Mar 13 12:53:24 1994 ------------------------- released getty 2.0.7d-beta full source release, as well as diffs against 2.0.7d-alpha available at boulder.colorado.edu:/pub/linux/getty_ps released to mailing list for testing only Reported Problems with previous release: vhangup() and controlling tty code still not quite correct second open should not have been retried on EAGAIN variable substitutions of '@c' produce nothing when 'c' is not a recognized variable utmp logging broken for users of simpleinit logging via syslog cordumped dprint() not working Changes for this release: fixed vhangup() and controlling tty code -- hopefully for the last time changed handling of '@c' variable substitutions so that if 'c' is not recognized, @c is just passed through as is exit if second open() returns EAGAIN correct unified handling of utmp regardless of the init program being used changed all instances of 'connect' to 'Connect' ... this was causing syslog() to coredump (the dynamic linker seems to replace the connect system call with the global variable connect). fixed dprint() (twice) to allocate its buffer in static memory so that I can return a pointer to it without it disappearing added signal handlers for QUIT, TERM, and SEGV to produce logging output cleaned up the Makefile a little bit (make depend works now, and make lint is gone) a few minor code cleanups Plans for Next Minor Release (2.0.7d): Possibly incorporate FIDO patches into the source There may be other unknown bugs Update ducumentation to reflect new options Plans for Next Major Release (2.0.8): more major code cleanups Fax receive FIDO calls implemented correctly major rewrite of chat sequence handling to facilitate creeping featurism Callback [not ringback] support major rewrite of defaults file and gettydefs file processing utmp/wtmp logging of fax receives and fido calls proper ownerships and modes for tty lines (configurable?) ------------------------- Mon Mar 7 15:13:44 1994 ------------------------- released getty 2.0.7d-alpha full source release available at boulder.colorado.edu:/pub/linux/getty_ps released to mailing list for testing only Reported Problems with previous release: bum patches (2.0.7c) -- patches broke more than they fixed incompatibility with 0.99.15 and higher kernels Changes for this release: major source code cleanups added syslog support for logerr() and debug() changed debug() and logerr() to use stdarg instead of varargs more verbose debug() output: added strerror(errno) to many debug calls added printing of debug facility syslog support more verbose logerr() output: added strerror(errno) to many logerr calls syslog support corrected line initialization: line correctly opened, and vhangup()'d initial termios settings set correctly process group & controlling terminal correctly established EAGAIN return from open() handled correctly bug fixes: wtmp file is locked before writing to prevent corruption small bug fix in nextword() getty -c should work correctly now getty -t also works now deprecated code removed TRYMAIL support for error logging removed watchlocks() now that serial drivers take care of this Plans for Next Minor Release (2.0.7d): Bug fixes: the following known bugs exist syslog is there but does not work a few debug() calls do not do the right thing There may be other unknown bugs Update ducumentation to reflect new options Clean up the Makefile (add a make depend, etc...) Plans for Next Major Release (2.0.8): more major code cleanups Fax receive FIDO calls implemented correctly major rewrite of chat sequence handling to facilitate creeping featurism Callback [not ringback] support major rewrite of defaults file and gettydefs file processing utmp/wtmp logging of fax receives and fido calls proper ownerships and modes for tty lines (configurable?) ------------------------- Mon Jan 10 04:19:31 1994 ------------------------- released getty 2.0.7c patch kit against 2.0.7b available at tsx-11.mit.edu, sunsite.unc.edu posted patches to c.o.l.a, serial channel Changes for this release: various patches for compatibility with serial drivers appearing in 0.99.15 kernel ------------------------- Tue Apr 20 04:00:00 1993 ------------------------- released getty 2.0.7b full sources binaries linked with libc 2.3.3 available at tsx-11.mit.edu, sunsite.unc.edu Changes for this release: getty/uugetty: fixed the following bugs: fd 0 was left open from utmp updating, close INITLINE was not being used properly for WAITFOR Plans for Next Release: syslog support (maybe) NICE= option to allow renicing a login process more source code cleanups, including analysis of configuration files to attempt to determine instalation problems, and give a description of how to fix them (in english). :) :) such as: WAITFOR used without INITLINE RINGBACK used without WAITFOR arguments in the wrong order (speed, tty) and more... ------------------------- Sat Apr 17 00:00:00 1993 ------------------------- released getty 2.0.7 full sources binaries linked with libc 2.3.3 available at tsx-11.mit.edu, sunsite.unc.edu Changes for this release: getty/uugetty: removed syslog stuff since it didn't work... maybe another time various bug fixes ------------------------- Sat Apr 10 23:00:00 1993 ------------------------- completed getty 2.0.7 beta release to mailing list for testing only Changes for this release: getty/uugetty: incorporated Shane Alderton's ringback and syslog patches incorporated Rob Janssen's bugfix patches -D RBGETTY and -D USESYSLOG options for building added Plans for Next Release: public release... full documentation of new features fix any bugs reported by beta testers (of course...) fix syslog stuff.. it coredumps like mad ------------------------- Fri Apr 2 23:00:00 1993 ------------------------- completed getty 2.0.7 alpha (no public release) Reported Problems with previous release: getty/uugetty: still problems with job control on tty 1; a result of an incompatibility with sysvinit. flickering DTR with uugetty. Changes for this release: getty/uugetty: totally reworked main.c, added uufuncs.c, main.h, uufuncs.h in order to clean up the source code. Added INITLINE so that line initialization can be done over a separate device. reincorporated support for the WAITFOR option. uugetty: fork off a child to watch for lockfiles instead of using alarm clocks, so that DTR is not disturbed (only if WAITFOR is not used) Plans for next release: getty/uugetty: apply the ringback patches (by hand), and the various other patches. Documentation: move all of (4) to (5) to match the Linux manual scheme. document INITLINE and ringback options in the man pages, README. create several more examples of possible configurations. testing: beta release to people on the mailing list ------------------------- Thu Mar 18 23:23:59 1993 ------------------------- released getty_ps 2.0.6b experimental testing release available at: tsx-11.mit.edu:/pub/linux/sources/sbin/getty_ps2.0.6b.tar.z sunsite.unc.edu:/pub/Linux/Incoming package: full sources binaries for getty/uugetty compiled with gcc2.3.3, linked with libc.so.4.3.2 documentation patch against version 2.0.6a Reported Problems with previous release: getty/uugetty: problems with job control for some users ^\ ^C ^Z flickering DTR line (not addressed in this release) compiler warnings Changes for this release: getty/uugetty: (main.c) added POSIX job control stuff -- should fix job control cleaned up compiler warnings; -Wall reports no warnings now ------------------------- Fri Mar 12 03:00:39 1993 ------------------------- released getty_ps 2.0.6a available at: tsx-11.mit.edu:/pub/linux/Incoming sunsite.unc.edu:/pub/Linux/Incoming package: full sources binaries for getty/uugetty compiled with gcc2.3.3, linked with libc.so.4.3.2 documentation patch against version 2.0.6 Changes for this release: uugetty: (main.c) fixed a stupid bug... time call replaced in alarm rescheduling ------------------------- Thu Mar 11 02:09:33 1993 ------------------------- released getty_ps 2.0.6 available at: tsx-11.mit.edu:/pub/linux/Incoming sunsite.unc.edu:/pub/Linux/Incoming announcement to: comp.os.linux.announce package: full sources binaries for getty/uugetty compiled with gcc2.3.3, linked with libc.so.4.3.2 documentation Changes for this release: documentation: rewrote README.linux, using old version as a skeleton wrote README.ANNOUNCE changed getty.1 to reflect changes retained old documentation in OLD/ /etc/gettydefs: no changes /etc/defaults/*getty* removed WAITFOR=RING changed INIT to autoanswer added OFF to disable autoanswer uugetty: (main.c) added lockfile monitoring for modem reinitialization. adapted to work with scheduler. getty: (main.c) added simple scheduling mechanism: included support for SCHED line. support for OFF line for disabled initialization. adapted for use with callout devices: close line after initialization. reopen line, blocking on carrier detect. wait until line is free before doing initialization. tune.h: added #defines to compile in new configuration options getty.h: added debugging level D_SCH 0400 for scheduling debugging