Path: utzoo!attcan!uunet!mailrus!cs.utexas.edu!rutgers!cbmvax!ag
From: ag@cbmvax.commodore.com (Keith Gabryelski)
Newsgroups: comp.unix.questions
Subject: Re: 2 passwd system
Message-ID: <13152@cbmvax.commodore.com>
Date: 11 Jul 90 20:30:49 GMT
References: <201@adam.adelaide.edu.au> <3502@sactoh0.UUCP>
Reply-To: ag@cbmvax (Keith Gabryelski)
Organization: Commodore-Amiga Unix; West Chester, PA
Lines: 21

In article <3502@sactoh0.UUCP> jak@sactoh0.UUCP (Jay A. Konigsberg) writes:
>In article <201@adam.adelaide.edu.au> mferrare@adelphi.ua.oz.au.oz.au
(Mark Ferraretto) writes:
>>I want to set up my login procedure to make users use two passwords
>>to login instead of one.
>>
>>The problem I have is if I rewrite /bin/login how to I get getty to
>>recognise my login procedure instead of /bin/login apart from
>>overwriting it (I don't have sources)?  Is rewriting /bin/login the
>>best way to go about this?
>
>A simple solution, if /etc/profile is executed, is to put a second
>login as the first command in /etc/profile.

A user could hit the interrupt key before the first line in /etc/profile
is executed and thus bypass your second attempt at security.

A better way would be to replace the login shell of the user with your
own program that does The Right Thing.

Pax, Keith