Why you shouldn't chmod 500 /bin/login

Spencer W. Thomas thomas at utah-gr.UUCP
Wed Nov 21 16:55:16 AEST 1984


In article <1173 at orca.UUCP> andrew at orca.UUCP (Andrew Klossner) writes:
>
>The big win of the builtin shell "login" command is that it logs me out
>and lets you log in without hanging up the modem line.  If you chmod
>500 /bin/login, then the line will drop when exec("/bin/login") fails.
>Inconvenient.

An easy fix (if you have source) is to have /bin/login check if its ppid
== 1, and exit if not.  Foils those recursive logins right away.  Still
doesn't protect against the password collectors, though.  If you don't
have source, compile the little program below (call it ./login) and
	mv /bin/login /etc/login; chmod 500 /etc/login
	cp ./login /bin/login
	chmod 777 /bin/login; chmod u+s /bin/login

/* 
 * Quick hack to prevent recursive logins.  Install as /bin/login, after
 * copying /bin/login to /etc/login (mode 500).  Must be setuid root.
 *
 * NOTE and DISCLAIMER - this is completely untested, I haven't even
 * compiled it.
 */

#include <stdio.h>

main( argc, argv )
char **argv;
{
	if ( getppid() !=1 )
	{
		fprintf( stderr, "Can't do recursive logins\n" );
		exit( 1 );
	}
	execv( "/etc/login", argv );
	perror( "Can't exec login" );
	exit( 1 );
}



More information about the Comp.unix.wizards mailing list