Kerberized telnetd: -a valid option & eight char limit on account names

hwntw hwntw at hotmail.com
Mon Oct 25 09:03:14 EDT 2004


hartmans at MIT.EDU (Sam Hartman) wrote in message news:<tslacue7i4k.fsf at cz.mit.edu>...
> Actually, as I recall, MIT's telnetd will call MIT's login.krb5.
> There do seem to be several username size limits in that program, all
> based on UT_NAMESIZE.
> 
> Looking at Solaris, I think that will get set to 8.
> 
> I suspect that we don't handle the case where utmpx has a longer name
> size than utmp very well.
> 
> I'm not sure what the fix is off the top of my head; forcing
> UT_NAMESIZE to 32 might just work, but you would need to check and
> make sure it didn't create a buffer overflow.
> 
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
TVM,
Is this it?

login.c:#define UT_NAMESIZE     sizeof(((struct utmp *)0)->ut_name)

What would a changed definition look like?
Colin


More information about the Kerberos mailing list