Patch Name: PHCO_27694

Patch Description: s700_800 11.11 login(1) cumulative patch

Creation Date: 02/09/13

Post Date: 02/10/03

Hardware Platforms - OS Releases:
    s700: 11.11
    s800: 11.11

Products: N/A

Filesets:
    OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP

Automatic Reboot?: No

Status: General Release

Critical: No

Category Tags:
    defect_repair general_release

Path Name: /hp-ux_patches/s700_800/11.X/PHCO_27694

Symptoms:
    PHCO_27694:
    ( SR:8606124940 CR:JAGac40332 )
    Using rlogin(1), users can have more login sessions than the
    limit set by the NUMBER_OF_LOGINS_ALLOWED field in the
    /etc/default/security file if no password is required (i.e.
    /etc/hosts.equiv or the user's .rhosts configuration enables
    the user to log in without a password).

    ( SR:8606274668 CR:JAGae38745 )
    Using rlogin(1) where no password is required, with user
    information stored on a remote NIS server which is currently
    unavailable, can cause the rlogin(1) command to appear to
    hang, while the remote system shows excessive CPU usage and
    /etc/wtmp file growth.

    ( SR:8606273425 CR:JAGae37513 )
    When the number of logins to the system allowed for each user
    is limited by the NUMBER_OF_LOGINS_ALLOWED field in the
    /etc/default/security file, users whose login names are
    longer than 4 characters are treated as the same user if the
    first 4 characters of the login names are identical. As a
    result, some users may be prevented from logging in with the
    error message "Exceeds number of logins (N) allowed for user
    USER" even though the user "USER" does not have as many login
    sessions as "N" specified by NUMBER_OF_LOGINS_ALLOWED.

    ( SR:8606272587 CR:JAGae36725 )
    In trusted mode, failed login attempts are not recorded in
    the audit log.

    PHCO_25526:
    ( SR:8606222718 CR:JAGad91830 )
    Login may exit without printing an appropriate message when
    an account is expired or disabled.

    ( SR:8606224513 CR:JAGad93601 )
    Login may behave unexpectedly on large terminal inputs.
    PHCO_23900:
    ( SR:8606186198 CR:JAGad55403 )
    The TERM environment variable is not carried across the
    session on the first login after an expired password change.

    ( SR:8606189604 CR:JAGad58818 )
    Login allows certain shell users excessive freedom.

    ( SR:8606170322 CR:JAGad39586 )
    Dialup passwd prompts are not always displayed when
    appropriate.

Defect Description:
    PHCO_27694:
    ( SR:8606124940 CR:JAGac40332 )
    Login(1) does not correctly count the number of logins per
    user when no password is required (i.e. /etc/hosts.equiv or
    the user's .rhosts configuration enables the user to log in
    without a password).
    Resolution:
    Login(1) now correctly counts the number of logins per user
    to enforce the NUMBER_OF_LOGINS_ALLOWED field in the
    /etc/default/security file even when no password is required.

    ( SR:8606274668 CR:JAGae38745 )
    When rlogin(1) is used with no password required, and the
    remote NIS server is unresponsive, login(1) enters a loop
    during which it incorrectly updates the /etc/wtmp file.
    Resolution:
    Login(1) now aborts the session with an error message
    indicating that login(1) could not retrieve the user's
    detailed user information.

    ( SR:8606273425 CR:JAGae37513 )
    Login(1) only uses the first 4 characters of login names to
    enforce the NUMBER_OF_LOGINS_ALLOWED field in the
    /etc/default/security file.
    Resolution:
    Login(1) now checks the entire login name to correctly count
    the number of logins by each user.

    ( SR:8606272587 CR:JAGae36725 )
    In trusted mode, login(1) does not record the failed login
    attempts in the audit log.
    Resolution:
    Login(1) in trusted mode now records failed login attempts
    in the audit log.

    PHCO_25526:
    ( SR:8606222718 CR:JAGad91830 )
    Login does not correctly handle a return code from PAM
    indicating that an account is disabled or expired.
    Resolution:
    Login now prints out an appropriate message when it receives
    the expired return code from PAM.
    ( SR:8606224513 CR:JAGad93601 )
    User input to login is not appropriately verified to ensure
    that it does not overflow an internally allocated buffer.
    Resolution:
    A check has been put into place to ensure that user input
    does not exceed the allowable size.

    PHCO_23900:
    ( SR:8606186198 CR:JAGad55403 )
    When login exec's itself after a password change, incorrect
    command line options are passed, causing the setting of the
    TERM environment variable to be lost.
    Resolution:
    Login now correctly re-exec's itself after an expired
    password change.

    ( SR:8606189604 CR:JAGad58818 )
    Login should be more stringent in which environment variables
    it allows restricted shell users to set.
    Resolution:
    Login now only allows the DISPLAY and TERM variables to be
    set by restricted shell users unless configured otherwise in
    /etc/default/security (see the security(4) man page.)
    The new default behavior corresponds to a setting of:
        RSH_SECURITY=2
    It is possible to ease the restrictions and allow the setting
    of any environment variables which are not known to be
    potentially risky. This is done by specifying:
        RSH_SECURITY=1
    Finally, for compatibility reasons, it is possible to revert
    to the old, excessively permissive behavior by specifying:
        RSH_SECURITY=0

    ( SR:8606170322 CR:JAGad39586 )
    Login presents the user an incorrect number of prompts when
    dialup passwords are in effect.
    Resolution:
    Login now displays the correct number of prompts.
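
The 4-character login-name defect (CR:JAGae37513) and its resolution, modelled as an added example; this is not HP's login(1) source, which does not appear in this patch text. The session table, the 24-byte name field and the rule "deny when the count has reached the limit" are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 24   /* assumed width of the user field in a session record */

/* Constructed stand-in for a utmp-style session record. */
struct session { char user[NAME_LEN]; };

/* Constructed sample: three sessions for "operator", one for "opera". */
static const struct session SESSIONS[] = {
    {"operator"}, {"operator"}, {"operator"}, {"opera"}, {"root"},
};
#define N_SESSIONS (sizeof SESSIONS / sizeof SESSIONS[0])

/* Defective count: only the first 4 characters of the name are compared. */
int count_prefix4(const char *name) {
    int n = 0;
    for (size_t i = 0; i < N_SESSIONS; i++)
        if (strncmp(SESSIONS[i].user, name, 4) == 0)
            n++;
    return n;
}

/* Corrected count: the whole fixed-width field is compared. Bounding the
 * compare by NAME_LEN also covers a field that is full and unterminated. */
int count_full(const char *name) {
    int n = 0;
    for (size_t i = 0; i < N_SESSIONS; i++)
        if (strncmp(SESSIONS[i].user, name, NAME_LEN) == 0)
            n++;
    return n;
}

/* Returns 1 if another login fits under the limit, 0 if it must be refused. */
int login_allowed(const char *name, int limit, int (*count)(const char *)) {
    return count(name) < limit;
}

int main(void) {
    int limit = 3;   /* plays the role of NUMBER_OF_LOGINS_ALLOWED */
    printf("opera, 4-char compare: %d sessions, allowed=%d\n",
           count_prefix4("opera"), login_allowed("opera", limit, count_prefix4));
    printf("opera, full compare:   %d sessions, allowed=%d\n",
           count_full("opera"), login_allowed("opera", limit, count_full));
    return 0;
}
```

With the 4-character comparison, "opera" is charged for the sessions of "operator" and is refused with only one session of its own, which matches the symptom described for this defect.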

Enhancement: No

SR:
    8606124940 8606170322 8606186198 8606189604 8606222718
    8606224513 8606272587 8606273425 8606274668

Patch Files:
    OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
    /usr/bin/login

what(1) Output:
    OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
    /usr/bin/login:
        login.c $Date: 2002/09/10 16:23:42 $Revision: r11.11
            /4 PATCH_11.11 (PHCO_27694)
        $Revision: @(#) login CUP11.11_BL2002_0913_6 PATCH_1
            1.11 PHCO_27694 Fri Sep 13 09:32:08 PDT 2002 $

cksum(1) Output:
    OS-Core.UX-CORE,fr=B.11.11,fa=HP-UX_B.11.11_32/64,v=HP:
    2073898969 53248 /usr/bin/login

Patch Conflicts: None

Patch Dependencies: None

Hardware Dependencies: None

Other Dependencies: None

Supersedes:
    PHCO_25526 PHCO_23900

Equivalent Patches: None

Patch Package Size: 80 KBytes

Installation Instructions:
    Please review all instructions and the Hewlett-Packard
    SupportLine User Guide or your Hewlett-Packard support terms
    and conditions for precautions, scope of license,
    restrictions, and limitation of liability and warranties,
    before installing this patch.
    ------------------------------------------------------------
    1. Back up your system before installing a patch.

    2. Login as root.

    3. Copy the patch to the /tmp directory.

    4. Move to the /tmp directory and unshar the patch:

        cd /tmp
        sh PHCO_27694

    5. Run swinstall to install the patch:

        swinstall -x autoreboot=true -x patch_match_target=true \
            -s /tmp/PHCO_27694.depot

    By default swinstall will archive the original software in
    /var/adm/sw/save/PHCO_27694. If you do not wish to retain a
    copy of the original software, include the patch_save_files
    option in the swinstall command above:

        -x patch_save_files=false

    WARNING: If patch_save_files is false when a patch is
             installed, the patch cannot be deinstalled. Please
             be careful when using this feature.

    For future reference, the contents of the PHCO_27694.text
    file are available in the product readme:

        swlist -l product -a readme -d @ /tmp/PHCO_27694.depot

    To put this patch on a magnetic tape and install from the
    tape drive, use the command:

        dd if=/tmp/PHCO_27694.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions: None