
Why does tmpfiles want the "utmp" group for /var/log/btmp ? #6994

Closed
fbuihuu opened this issue Oct 4, 2017 · 4 comments · Fixed by #6997

fbuihuu (Contributor) commented Oct 4, 2017

We have in tmpfiles.d/var/conf.my:

f /var/log/btmp 0600 root utmp -

What exactly is the purpose of setting the utmp group on /var/log/btmp, as:

  • with mode 600 it doesn't really make sense to have anything other than root

  • the group utmp is only used to allow the utempter program to update /run/utmp (resp. wtmp). utempter doesn't even touch /var/log/btmp.

Thanks for any suggestions.

poettering (Member) commented:

It has been that way since f448d9e was merged.

The group "utmp" is used for permitting tools to modify these databases without having to be root. But you are right, 0600 makes little sense for btmp. We should probably bump that to 0660.

poettering added a commit to poettering/systemd that referenced this issue Oct 4, 2017
poettering (Member) commented:

I prepped #6997 now, which adjusts the file mode to make things less contradictory. With that patch in place "utmp" members can now manipulate all four databases, which appears to be what the internet assumes the group does and what traditionally was implemented by most distros. (for example, it is implied by this CVE: https://www.exploit-db.com/exploits/17147/)

keszybz pushed a commit that referenced this issue Oct 4, 2017
fayeinseu commented:

Why can't the permission of /var/log/btmp be 0664, just like /var/log/wtmp?

joshtriplett (Contributor) commented:

@fayeinseu Historically, because btmp logs usernames for bad login attempts, and one common login failure involves a user typing part or all of their password as their username.
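As an added example (not systemd's own tooling, and not code posted in this thread), here is a small POSIX sh checker for tmpfiles.d(5) entries. It flags the contradiction poettering describes, a non-root group named on a file whose mode grants that group no access, and proposes the kind of fix #6997 applies to btmp: copy the owner bits onto the group and leave the "other" bits untouched, so btmp becomes 0660 rather than 0664 and stays unreadable to everyone else, for the reason joshtriplett gives. The sample entries, the helper names, and the handling of the optional "~" and ":" mode prefixes are this example's own assumptions, not anything taken from systemd's sources.

```sh
#!/bin/sh
# Added example (not systemd's code): audit tmpfiles.d entries for a group
# that is named on the file but given no permission bits by the mode.

# Convert a tmpfiles.d mode field to a decimal number. The optional "~"
# (mask) and ":" (only apply on creation) prefixes are dropped first.
tmpfiles_mode_to_dec() {
  octal=$(printf '%s' "$1" | sed 's/^[~:]*//')
  echo $(( 0$octal ))
}

# Return 0 when group ownership and mode agree, 1 when a non-root group is
# named but the group bits of the mode are all zero (e.g. 0600 root utmp).
tmpfiles_line_consistent() {
  set -- $1
  type=$1; mode=$3; group=$5
  # Only entry types that create or adjust a file/directory carry a mode.
  case "$type" in f|f+|d|D|z|Z) ;; *) return 0 ;; esac
  # No dedicated group, nothing to contradict.
  case "$group" in root|-|"") return 0 ;; esac
  dec=$(tmpfiles_mode_to_dec "$mode")
  [ $(( (dec >> 3) & 7 )) -ne 0 ]
}

# Print the entry unchanged when it is consistent; otherwise print it with
# the owner bits copied onto the group (0600 -> 0660, 0644 -> 0664). The
# "other" bits are never widened, so a 0600 file does not become readable
# by everyone.
tmpfiles_line_suggest() {
  set -- $1
  type=$1; path=$2; mode=$3; user=$4; group=$5; age=${6:--}
  if tmpfiles_line_consistent "$type $path $mode $user $group $age"; then
    printf '%s %s %s %s %s %s\n' "$type" "$path" "$mode" "$user" "$group" "$age"
    return 0
  fi
  dec=$(tmpfiles_mode_to_dec "$mode")
  owner=$(( (dec >> 6) & 7 ))
  printf '%s %s %04o %s %s %s\n' \
    "$type" "$path" $(( dec | (owner << 3) )) "$user" "$group" "$age"
}

# Constructed sample entries: the btmp line quoted in this issue, plus a
# wtmp line as described in the thread and a plain root-owned file.
for entry in 'f /var/log/btmp 0600 root utmp -' \
             'f /var/log/wtmp 0664 root utmp -' \
             'f /var/log/lastlog 0644 root root -'; do
  if tmpfiles_line_consistent "$entry"; then
    echo "ok:  $entry"
  else
    echo "fix: $entry -> $(tmpfiles_line_suggest "$entry")"
  fi
done
```

Run it against a real file with something like `while read -r l; do tmpfiles_line_suggest "$l"; done < /usr/lib/tmpfiles.d/var.conf` after filtering out comments and blank lines; the suggestion is only a starting point, since a group may be intentionally named on a file that is created with a restrictive mode and widened later.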
