From nobody@FreeBSD.org  Thu Jun 28 00:12:22 2001
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 42B2537B401
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 28 Jun 2001 00:12:22 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.3/8.11.3) id f5S7CMo66476;
	Thu, 28 Jun 2001 00:12:22 -0700 (PDT)
	(envelope-from nobody)
Message-Id: <200106280712.f5S7CMo66476@freefall.freebsd.org>
Date: Thu, 28 Jun 2001 00:12:22 -0700 (PDT)
From: "Oleg Y. Ivanov" <oleg_y_ivanov@mailru.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: incorrect permissions on log files created by tacacs+ daemon v4
X-Send-Pr-Version: www-1.0

>Number:         28474
>Category:       ports
>Synopsis:       incorrect permissions on log files created by tacacs+ daemon v4
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    joe
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 28 00:20:01 PDT 2001
>Closed-Date:    Mon Nov 26 13:11:43 PST 2001
>Last-Modified:  Mon Nov 26 13:15:17 PST 2001
>Originator:     Oleg Y. Ivanov
>Release:        4.3-stable
>Organization:
>Environment:
FreeBSD votan.dwec.ru 4.3-STABLE FreeBSD 4.3-STABLE #0: Wed Jun 27 12:44:08 MSD 2001     root@votan.dwec.ru:/usr/src/sys/compile/VOTAN  i386

>Description:
tacacs+ as built from port creates it's log file (by default /var/tmp/tac_plus.log) with permissions 666.Path can be changed with -l switch ,permissions are hardcoded.
The problem is when I log on to Cisco's access server,tacacs+ logs password as clear text.

Wed Jun 27 12:38:23 2001 [25815]: verify daemon <password> == NAS <password>
Wed Jun 27 12:38:23 2001 [25815]: Password is correct


By the way , tacacs+ also can write down wtmp-style file (as specified with -w switch), and it's permissions are also hardcoded as 666( see stock /usr/ports/net/tac_plus4/files/patch-ae file)

Both files , if created , will contain sensitive information, so I think permissions should be changed.
>How-To-Repeat:
make ; make install ; /usr/local/sbin/tac_plus -C<your conf file> 
-d<debugging flags>
file /var/tmp/tac_plus.log or
>Fix:
--- report.c.bad_perm	Fri Jun 15 12:30:09 2001
+++ report.c	Fri Jun 15 12:30:37 2001
@@ -160,7 +160,7 @@
     if (debug) {
 	int logfd;
 
-	logfd = open(logfile, O_CREAT | O_WRONLY | O_APPEND, 0666);
+	logfd = open(logfile, O_CREAT | O_WRONLY | O_APPEND, 0600);
 	if (logfd >= 0) {
 	    char buf[512];
 	    time_t t = time(NULL);


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports->joe 
Responsible-Changed-By: petef 
Responsible-Changed-When: Sat Aug 25 23:44:11 PDT 2001 
Responsible-Changed-Why:  
Over to one of the maintainers 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=28474 
State-Changed-From-To: open->analyzed 
State-Changed-By: joe 
State-Changed-When: Mon Nov 19 17:20:37 PST 2001 
State-Changed-Why:  
Am I right in thinking that the problem you report isn't a problem 
if you create a directory with sufficiently restrictive permissions 
and specify this as the log and wtmp locations at start time? 

Maybe the correct fix is to add an install time comment that advises 
the user to specify to nail down where they put their logs.  What 
do you think? 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=28474 
State-Changed-From-To: analyzed->closed 
State-Changed-By: joe 
State-Changed-When: Mon Nov 26 13:11:43 PST 2001 
State-Changed-Why:  
I didn't get a response from the submitter. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=28474 
>Unformatted:
