Bug 647143
Summary: | If console login, username with about 100 chars are not prompted for a passwd | |||
---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Joachim Backes <joachim.backes> | |
Component: | mingetty | Assignee: | Petr Pisar <ppisar> | |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | |
Severity: | medium | Docs Contact: | ||
Priority: | low | |||
Version: | 14 | CC: | notting, plautrba, ppisar | |
Target Milestone: | --- | |||
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | mingetty-1.08-6.fc13 | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 651955 (view as bug list) | Environment: | ||
Last Closed: | 2010-11-23 21:54:48 UTC | Type: | --- | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: |
Description
Joachim Backes
2010-10-27 11:17:28 UTC
(1) Mingetty limits login name to 39 characters. If user supplies longer one, error is reported to syslog, no error message is printed on TTY (security concerns), and mingetty terminates after 5 seconds. If you think user should be informed about exceeding length, we can start to talk about modifying current code. (2) From point of view of mingetty, long login name is fatal internal error, thus it cannot continue by executing login (the name would be clamped and user mislead thinking PAM got full login string). Fatal errors cannot be overcome, this is a feature making your bug report invalid. (In reply to comment #1) > (1) Mingetty limits login name to 39 characters. If user supplies longer one, > error is reported to syslog, no error message is printed on TTY (security > concerns), and mingetty terminates after 5 seconds. > > If you think user should be informed about exceeding length, we can start to > talk about modifying current code. No need for this. But is that limit (39 chars) described anywhere? neither "man mingetty" says anything about that limit, nor "/etc/init/start-ttys.conf". > > (2) From point of view of mingetty, long login name is fatal internal error, > thus it cannot continue by executing login (the name would be clamped and user > mislead thinking PAM got full login string). Cutting the name so only the first 39 chars are used could be an option. > > Fatal errors cannot be overcome, this is a feature making your bug report > invalid. The limit is not documented (there are similar limitations to TTY name etc.). Cutting login name is bad idea as login(1) would get different data than user supplied. I'm strongly against silent mangling. POSIX mandates 9 bytes minimal length including trailing '\0' (limits.h:_POSIX_LOGIN_NAME_MAX). Current GNU/Linux run time limit is 256 (getconf LOGIN_NAME_MAX). I will prepare patch to fulfill the run time limit. mingetty-1.08-6.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc14 mingetty-1.08-6.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc13 mingetty-1.08-6.fc12 has been submitted as an update for Fedora 12. https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc12 This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. mingetty-1.08-6.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update mingetty'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/mingetty-1.08-6.fc12 mingetty-1.08-6.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. mingetty-1.08-6.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. mingetty-1.08-6.fc14 runs as expected. Thank you. |