U-Thorsten Kukuk, umholi weThimba Lezobuchwepheshe Lekusasa kwa-SUSE (Ithimba Lezobuchwepheshe Lekusasa, lithuthukisa i-OpenSUSE MicroOS ne-SLE Micro), owake wahola iphrojekthi ye-SUSE LINUX Enterprise Server iminyaka eyi-10, uphakamise ukuthi kususwe ifayela / var/run/utmp ku. ukusatshalaliswa ukuze kubhekwane ngokugcwele nenkinga ye-Y2038 ku-Glibc. Zonke izinhlelo zokusebenza ezisebenzisa i-utmp, i-wtmp, ne-lastlog zihlongozwa ukuthi zihanjiswe ekutholeni uhlu lwabasebenzisi abasebenzisa i-systemd-logind.
Ngomhla ka-Janawari 19, 2038, izibali zesikhathi ze-epoch ezicaciswe uhlobo lwe-32-bit time_t zizochichima. Ku-Glibc, naphezu kokwethulwa kohlobo lwe-64-bit time_t, ukugcina ukuhambisana nezinhlelo zokusebenza zesikhala somsebenzisi esingu-32-bit, uhlobo lwe-64-bit time_t lusasetshenziswa kwezinye izimo kumaplathifomu angu-32-bit. Icala elilodwa elinjalo yifayela /var/run/utmp, eligcina idatha mayelana nabasebenzisi abangene ohlelweni njengamanje. Inkambu yesikhathi ku-utmp isethwe kusetshenziswa inani le-32-bit time_t.
Ukumane uguqule inkambu ku-utmp ngokuhamba kwesikhathi isuka ku-32-bit iye ohlotsheni lwe-64-bit ngeke kusebenze, njengoba lokhu kuzoshintsha i-Glibc ABI (uhlobo luzoshintsha emisebenzini efana nokungena (), getutid() kanye ne-utmpname()) futhi unqamule ukusebenzisana nezinhlelo zokusebenza ezisebenzisa i-utmp, okuhlanganisa w, ngubani, isikhathi, ukungena ngemvume, su, sudo, useradd, systemd, sysvinit, tcsh, xterm display managers, emacs, openssh, qemu, samba, rsyslog, njll. Ngenxa yobuningi bezingibe ezingaba khona kanye nokusebenza kanzima, umbono wokushintsha ubude obuncane bohlobo lwe-time_t ku-utmp wanqatshwa onjiniyela be-Glibc. Ngesizathu esifanayo, inketho yokusebenzisa isikhala esitholakalayo esakhiweni se-utmp ukuze wengeze inkambu yesikhathi eyengeziwe engu-64-bit yehlisiwe.
Ngaphezu kwalokho, ukushintsha ukujula okuncane kohlobo ku-utmp akuxazululi ezinye izinkinga ezikhona, engingathanda futhi ukuziqeda. Isibonelo, ukubhala ku-utmp kudinga izimvume ezikhethekile, ezidinga amalungelo engeziwe ukuze anikezwe izinqubo. Enye inkinga ukuthi i-architecture ye-utmp ivumela abasebenzisi bendawo ukuthi benze ukuhlasela kwe-DoS okwephula insizakalo ye-utmp ngokusebenzisa ukukhiya kwamafayela, okwenza kube nzima ukuqiniseka ukuthi okuqukethwe kwe-utmp kubonisa isimo sangempela ohlelweni. Kwahlongozwa ukuthi kusetshenziswe inqubo yangemuva eyengeziwe ukuze kusingathwe ukufinyelela ku-utmp, kodwa emisebenzini enjalo sekuvele kunenqubo ye-systemd-logind futhi ukuqala enye inqubo ekhethekile akukhuthazwa (izicelo kuzodingeka zidlulisele idatha kubaphathi ababili ngesikhathi esisodwa) .
Ngesikhathi esifanayo, ngisho nalapho kuxazulula inkinga ngokuhlaselwa kwe-DoS, okuqukethwe kwe-utmp kuhlala kunolwazi kuphela, akuqinisekisi ukubonakaliswa kweqiniso. Isibonelo, amatheminali amatheminali ahlukene kanye namatheminali amaningi akhombisa isimo sawo ngendlela ehlukile - ukusebenzisa amatheminali amahlanu e-GNOME kuzophumela ekubonakaleni komsebenzisi oyedwa ku-utmp, kuyilapho ukusebenzisa amatheminali e-konsole amahlanu noma e-xterm ku-KDE kuzophumela kwabayisithupha. Ngokufanayo, ukuziphatha kwesikrini ne-tmux kuyehluka, esimweni sokuqala iseshini ngayinye ibalwa njengomsebenzisi ohlukile, futhi kwesibili umsebenzisi oyedwa kuphela oboniswa kuzo zonke izikhathi.
Ngenxa yalokho, njengesixazululo esilula, kuhlongozwa ukudlulisa zonke izinhlelo zokusebenza ukuze kusetshenziswe enye isevisi ekhona kakade ye-systemd-logind futhi, ngemva kokuba zingekho izinhlelo zangempela ezifinyelela ku-utmp, yeka ukubhala ku-utmp. Ukuze ungene esikhundleni se-wtmp, kuhlongozwa ukulungisa ama-API okubhala nokufunda ulwazi mayelana nabasebenzisi abasebenzisa i-systemd-journald. I-codebase yokukhishwa okulandelayo kwe-systemd 254 isivele ihlanganisa imisebenzi edingekayo ukuze kuhlinzekwe idatha ye-utmp yokubuyisela nge-libsystemd kusetshenziswa i-sd-login.h API noma nge-DBUS.
Source: opennet.ru