Bug 7641 - login does not recognize pts/0 ... in securetty
login does not recognize pts/0 ... in securetty
Product: Red Hat Linux
Classification: Retired
Component: util-linux (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Crutcher Dunnavant
Depends On:
  Show dependency treegraph
Reported: 1999-12-06 17:29 EST by dlm
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-02-03 19:07:01 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description dlm 1999-12-06 17:29:20 EST
There does not appear to be any string which can be used in securetty which
will allow network root logins as documented.  In previous versions, ttyp1,
... worked.  In 6.1 (and 6.0 I think) a logged-in user shows, e.g., pts/1,
but using that string in securetty still does not permit a root login.

Removing securetty entirely does allow root login as documented.  This
indicates that the problem is in fact in the interpretation of the file.
Comment 1 Elliot Lee 2000-02-03 19:07:59 EST
I've tried to fix this in pam-0.72-4 - a workaround in the meantime is to put
just the plain tty number (without the 'pts/' prefix) into /etc/securetty.

Putting anything other than local ttys in securetty is meaningless though,
because there is no guarantee that a particular individual or source host will
be assigned to a pty. The possibility is very real for anyone to deny you root
access, or alternatively gain root access themself. You'd at least avoid the DoS
attack by turning off securetty altogether.

Note You need to log in before you can comment on or make changes to this bug.