| Title: | DIGITAL UNIX�(FORMERLY KNOWN AS DEC OSF/1) |
| Notice: | Welcome to the Digital UNIX Conference |
| Moderator: | SMURF::DENHAM |
| Created: | Thu Mar 16 1995 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 10068 |
| Total number of notes: | 35879 |
Hi to all...
I received today a problem with c2 security, Xisso and tty ...
If root disable a tty port, a user try to connect, receive
"Terminal is disabled. See Adminstrator" (something like that)
but login process is still possible ....
I found the following note but no solution ... note 2315...
``C2 tty line locking problem ?'' by ZPOVC::HINSIONG on Tue, 05
Sep 1995 21:31:17 EDT
Hi,
I notice the following problem in C2 tty line locking.
When XIsso is used to lock a particularly tty line, say ttyp3,
users can still log in to the system via this line. A message
"Terminal is disabled. See Adminstrator" (something like that)
will appear just before the login message. The same will happen
when a particular tty is disabled due to number of login failures
exceeding the t_maxtries value. I have tested this in both
V3.2(with all the security patches) and V3.2C and both exhibit the
same behaviour.
The documentation says that when a terminal line is locked and
the "unlock interval" is set to 0 (default), the administrator
will have to manually unlock the line. Is this a bug ?
Rgds,
Lim HIn Siong
``Bug ..'' by KERNEL::MCNULTY on Wed, 06 Sep 1995 02:56:11 EDT
Yes it is a bug. I raised a QAR against this in relation to DEC MLS+,
QAR-36588. According to the response it's a known problem which is fixed
in V4.0, however this is not true. I've just tried this on X4.0-7 and
it displays the same problem.
I will be chasing this with a view to getting a fix for MLS+ and Digital
UNIX.
-jm
I searched on that qar but I didn't find it...
Can somebody have a solution / a patch to these problem ???
Thierry
[Posted by WWW Notes gateway]
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 9324.1 | The patch is available | NETRIX::"[email protected]" | Ann Majeske | Fri Mar 28 1997 10:58 | 18 |
Thierry, Did you even bother to check the released patches or try to install any of them? This notes file is here to help people who have real problems. One more point, if you're concerned enought about security that you're running Enhanced security, you should install ALL security related patches. If you had done this, you wouldn't have had this problem. If you don't know how to get to the official patches, check out the web page for the UNIX support group: http://www.zk3.dec.com/dupatchwww/ PS. The patch ID for V3.2c is OSF350-093, listed as a fix for CLD EVT101500. It is a patch to libsecurity.so PPS. The problem was fixed in V4.0, in Baselevel 8. John McNulty was running baselevel 7. That's why he didn't see it. [Posted by WWW Notes gateway] | |||||
| 9324.2 | NETRIX::"[email protected]" | Th FAIDHERBE | Tue Apr 01 1997 01:41 | 6 | |
Thanks for help. Have a nice day, Thierry [Posted by WWW Notes gateway] | |||||