Should su change the USER envi - (nf)

vrs at uoregon.UUCP vrs at uoregon.UUCP
Sat Nov 5 18:46:02 AEST 1983


#R:utah-gr:-96900:uoregon:400002:000:1274
uoregon!vrs    Nov  2 14:53:00 1983

	/***** uoregon:net.unix-wizar / utah-gr!thomas *****/
	Subject: Re: Should "su" change the USER environment variable?

	Re: using "login" to gain permissions.

	This is a very bad idea.  We have for a long time had login mode 500,
	owned by root.  It is very easy for someone to push a shell, login as,
	say, "who" (most systems seem to have a who login), then exit the shell,
	leaving the user entry in /etc/utmp as "who".  Thus, all his connect
	time gets charged to overhead (assuming you are doing accounting, of
	course), and in any case, you can't tell what person is REALLY logged in
	there.

	=Spencer

We also protect login highly.  It is VERY easy to write simple shell
script or program which fakes login long enough to get a password,
say 'login incorrect', then exec /bin/login.  Slightly better versions
can be written based on pseudo-ttys or mpx files, but if one is careful
it is very difficult to tell the forgery from the real thing, even if
the forgery is just a C program which is careful to catch signals, etc.

We know because we had a student write one and report (informally) on how
difficult the task was - he had something in about half an hour that was
pretty good, and the next day it was nearly perfect (but slow, since it
was a shell script).



More information about the Comp.unix.wizards mailing list