Why you shouldn't chmod 500 /bin/login
Andrew Klossner
andrew at orca.UUCP
Sun Nov 25 11:25:51 AEST 1984
>In article <1173 at orca.UUCP> andrew at orca.UUCP (Andrew Klossner) writes:
>>
>>The big win of the builtin shell "login" command is that it logs me out
>>and lets you log in without hanging up the modem line. If you chmod
>>500 /bin/login, then the line will drop when exec("/bin/login") fails.
>>Inconvenient.
>
>An easy fix (if you have source) is to have /bin/login check if its ppid
>== 1, and exit if not. Foils those recursive logins right away.
If you use "rlogin", then during network connections, login is run as a
child of a child of /etc/rlogind. Thus, if you install this fix, you
disable remote logins.
-- Andrew Klossner (decvax!tektronix!orca!andrew) [UUCP]
(orca!andrew.tektronix at csnet-relay) [ARPA]
More information about the Comp.unix.wizards
mailing list