Patch-ID# 103886-15 Keywords: security password xsun command keyserv helpviewer Dtlogin chmod Synopsis: CDE 1.0.2_x86: dtlogin patch Date: Aug/08/00 Solaris Release: 2.4_x86 2.5_x86 2.5.1_x86 SunOS Release: 5.4_x86 5.5_x86 5.5.1_x86 Unbundled Product: CDE Unbundled Release: 1.0.2_x86 Relevant Architectures: i386 Xref: This patch available for SPARC as patch 103882 BugId's fixed with this patch: 1205631 1253624 1258143 4005735 4067366 4095696 4080371 1249240 4148983 4139823 4149575 4150575 4212342 4248888 4237848 4275258 4276326 4062220 Changes incorporated in this version: 4062220 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/dt/bin/dtlogin /usr/dt/config/dtlogin.rc Problem Description: 4062220 dtlogin should not be doing a ``chmod("/var", 040775)'' (from 103886-14) 4276326 Dtlogin patch 107180-12 won't allow connections to indirect CDE_login_ (from 103886-13) 4275258 dtlogin X-server can not be started (from 103886-12) 4237848 Action 'Return to Local Host' sometimes does not work fine in dtl (from 103886-11) 4248888 Dtlogin sometimes ignores all child death signals (from 103886-10) 4149575 tt_open() in helpviewer does not work under that a system has 2 ip ports 4150575 dtlogin fails to set user authorization correctly when there are more than 64 vi 4212342 Dtpad action fails with tooltalk error (from 103886-09) 4139823 After installing dtlogin patch 103882-07 no key is set in keyserv (from 103886-08) 4148983 Cannot start command line login (from 103886-07) 1249240 /var/dt and a few subdirs are world writable 4080371 dtlogin tmpfile vulnerability (from 103886-06) 4095696 Xsun -query doesn't work with Solaris 2.5.1 (from 103886-05) synced revision of patch up with sparc version (from 103886-04) 4067366 core file from dtlogin expose user's unencrypted passwd (from 103886-03) repackaging of patch for install problems (from 103886-02) 4005735 CDE 1.1 dtlogin on Solaris 2.4 (and 1.0.x patch) has serious security hole (from 103886-01) 1205631 Dtlogin failed to detect an expired account 1253624 keyboard lockup fix for console logins 1258143 authenticate NIS+ passwords longer than 8 characters Patch Installation Instructions: -------------------------------- Refer to the Install.info file for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- None.