diff options
author | Thomas Osterried <thomas@osterried.de> | 2008-04-13 23:09:31 +0000 |
---|---|---|
committer | Thomas Osterried <thomas@osterried.de> | 2008-04-13 23:09:31 +0000 |
commit | 637e4cd23bc508116fd86d80208b07e33a4ce713 (patch) | |
tree | ca3f4061d9b1ec2c4206caa3d5810135b8ab10ea /ax25/axspawn.8 | |
parent | 1075994389ea9dc3a632b4ab811bce1ada113272 (diff) |
axspawn on embeded systems like openwrt:
on those systems, things are not as you expect. i.e., /bin/login
is a shell script and implements boot-specific actions only
(login without root password, etc..). The assumption that
/bin/login -f username causes user as uid > 0 to login
is wrong; user may gain root rights.
axspawn now implements partially (thus, in the important
points) what login assures.
axspawn should be involked with the option --embeded when
called from ax25d.
Diffstat (limited to 'ax25/axspawn.8')
-rw-r--r-- | ax25/axspawn.8 | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ax25/axspawn.8 b/ax25/axspawn.8 index 5d6f6b0..8b0ec2d 100644 --- a/ax25/axspawn.8 +++ b/ax25/axspawn.8 @@ -84,6 +84,11 @@ properly. Allow connecting ax25 users to change their username for login. They'll be asked for their real login name. .TP 5 +.B -e, --embeded +Special treatment for axspawn on non-standard conform embeded devices. +I.e. openwrt has no true /bin/login: if you use it as a real login program, +it raises a security hole. +.TP 5 .B -r, --rootlogin Permit login as user root. Cave: only md5 or baycom style is allowed; no plaintext password. |