Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!cs.utexas.edu!uunet!mcvax!hp4nl!pttdis!houten
From: houten@pttdis.UUCP (Karel van Houten)
Newsgroups: comp.bugs.sys5
Subject: Re: Cuserid() is a security hole
Message-ID: <58@pttdis.UUCP>
Date: 13 Jun 89 07:16:08 GMT
References: <289@levels.sait.edu.au> <472@imokay.dec.com> <4563@cheviot.newcastle.ac.uk>
Reply-To: houten@pttdis.UUCP (Karel van Houten)
Organization: PTT Telecom b.v. The Netherlands
Lines: 22

In article <4563@cheviot.newcastle.ac.uk>  writes:
>
>Can  anyone  see  anything  wrong  with  adding something like this to
>getlogin(), to avoid confusion?
>
>        stat( ttyslot_result, statbuf);
>        if (statbuf.st_uid != getuid())
>                return(0);

Sometimes you want to know the login name, even if someone has su-ed to
someonme else.

I have written my own getlogin(), that tries to find a tty on
fd 0, 1, or 2, but ALSO checks that the process has READ permission on that
file descriptor. Getty insures that a tty is in mode 622, so you can
not fake your login name by redirecting input from someone else's tty.


-- 
Karel van Houten, 		INTERNET-style:	houten@pttdis.UUCP
PTT Telecom b.v.		UUCP:		uunet!mcvax!hp4nl!pttdis!houten
's-Gravenhage, The Netherland	VOICE:		+31 70 434947