Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!yale!cs.yale.edu!yarvin-norman
From: yarvin-norman@CS.YALE.EDU (Norman Yarvin)
Newsgroups: comp.sys.att
Subject: Re: Who is "logged in" when you are running multiple login windows?
Summary: Cut the Gordian knot..
Keywords: unixpc, 3b1, multiple windows, login, knot, Gordian
Message-ID: <19773@cs.yale.edu>
Date: 22 Mar 90 02:32:03 GMT
References: <871@galaxia.Newport.RI.US>
Sender: news@cs.yale.edu
Reply-To: yarvin-norman@CS.YALE.EDU (Norman Yarvin)
Lines: 36

In article <871@galaxia.Newport.RI.US> dave@galaxia.Newport.RI.US (David H. Brierley) writes:

>The problem I am having is that if there is more than one user logged in on
>the console, which one is the "currently active user".  When one of the
>shifted function keys is pressed I want the program to do a setuid() to the
>currently active user before running the command since otherwise all the
>commands would run as root.  I also need to know who the current user is in
>case the user asks to read his mail.

One solution to this is to have the user start up your program at login.
Then you don't have to worry about running setuid, with all the complexities
and security holes that involves.  Also note that none of the functionality
you discussed (with one exception) needs to be available when the user is not
logged in, and none of the functionality (again with one exception) requires
that one run setuid root.

The one exception is the error icon.  The program that handles /dev/error
should run all the time, and must be setuid.  Mike Ditto's errdemon program
handles this well, for those who can tolerate their messages silently being
written to /usr/adm/errfile.  If you want more than this, I'd suggest
modifying errdemon to put up a window with an icon.  Errdemon is properly
run from /etc/rc, as opposed to the other programs, which can be run by the
user.

Having the user start up your program at login is hard to do with multiple
login windows, because your program will get started as many times as you
have login windows.  This is what my "wind" program was supposed to fix.  It
lets you start up as many new windows as you like within a single login
session.  What is the attraction of logging in twice, anyway?  I can just
type "w1 su joe" if I want to open up a window as user joe.
(gratuitous plug for my program over.)

Of course, we should really move to MGR, but that's another story. :-)

		Norman Yarvin		yarvin-norman@cs.yale.edu
  "Obviously crime pays, or there'd be no crime." -- G. Gordon Liddy