packages

History

Tianling Shen f45bb2981d ttyd: force enable authentication for login Currently, we called `/usr/libexec/login.sh` as login command, but unfortunately the auth is disabled by default in it[1], and this is really serious as it could be a free "backdoor" for any spoiler who has conntectd to the router via LAN or wireless. In my option, it shouldn't be exposed to anyone without auth, so I set the default login command to `/bin/login`. And for those who really want that, they can do it themselves. 1. `login.sh` adjusts whether use authentication or not from system config named ttylogin, which is set to disabled by default. See package/base-files/files/bin/config_generate#L243. Signed-off-by: Tianling Shen <cnsztl@project-openwrt.eu.org>	2021-02-08 02:03:37 +08:00
..
ttyd.config	ttyd: force enable authentication for login	2021-02-08 02:03:37 +08:00
ttyd.init	ttyd: fix debug config option	2020-08-03 15:47:32 +02:00

ttyd: force enable authentication for login

Currently, we called `/usr/libexec/login.sh` as login command, but unfortunately the auth
is disabled by default in it[1], and this is really serious as it could be a free "backdoor"
for any spoiler who has conntectd to the router via LAN or wireless.

In my option, it shouldn't be exposed to anyone without auth, so I set the default login
command to `/bin/login`. And for those who really want that, they can do it themselves.

1. `login.sh` adjusts whether use authentication or not from system config named ttylogin,
which is set to disabled by default. See package/base-files/files/bin/config_generate#L243.

Signed-off-by: Tianling Shen <cnsztl@project-openwrt.eu.org>

2021-02-08 02:03:37 +08:00

ttyd.config

ttyd: force enable authentication for login

2021-02-08 02:03:37 +08:00

ttyd.init

ttyd: fix debug config option

2020-08-03 15:47:32 +02:00