#34 effective login name is not set by xrdp-sesman

open
nobody
sesman (8)
5
2011-05-24
2011-05-24
Koichiro IWAO
No

xrdp is originally made for Linux, handling setlogin/getlogin is not enough for *BSD.
Some programs like mysql fail to get actual username.
Also, this may cause a security issue like FreeBSD-SA-02:07.k5su due to setlogin system call.
http://security.freebsd.org/advisories/FreeBSD-SA-02:07.k5su.asc

The patch is for FreeBSD but probably also helpful for other BSDs.
Note: my patch is licensed unde a BSD license because some ideas are from OpenSSH.

See also:
http://www.freebsd.org/cgi/query-pr.cgi?pr=157282

Discussion

  • Koichiro IWAO
    Koichiro IWAO
    2011-05-24

    added setsid(2), setlogin(2) to sesman for BSDs

     
  • Koichiro IWAO
    Koichiro IWAO
    2011-10-27

    fixed some bugs in my patch

     
  • Koichiro IWAO
    Koichiro IWAO
    2011-10-27

    fixed some bugs in my patch.

     
  • Koichiro IWAO
    Koichiro IWAO
    2011-10-27

    anyone try my patch?