Why you shouldn't chmod 500 /bin/login

Andrew Klossner andrew at orca.UUCP
Mon Nov 19 19:08:07 AEST 1984


[No white space here.  Better luck next time, news eater bug]

	"Make /bin/login mode 500 owned by root and it will fail on
	exec, usually causing /etc/init to fork another copy of itself
	and the new user to thus get a fresh copy of /bin/login for
	normal login, or (perhaps with parentheses) an error message
	from the shell.  This mode also makes realistic login
	simulators (of the sort that want to collect your password)
	harder to write, since they can't just exec /bin/login
	afterwards and leave the user no wiser."

The big win of the builtin shell "login" command is that it logs me out
and lets you log in without hanging up the modem line.  If you chmod
500 /bin/login, then the line will drop when exec("/bin/login") fails.
Inconvenient.

  -- Andrew Klossner   (decvax!tektronix!orca!andrew)       [UUCP]
                       (orca!andrew.tektronix at csnet-relay)  [ARPA]



More information about the Comp.unix.wizards mailing list