Path: utzoo!attcan!uunet!world!bzs
From: bzs@world.std.com (Barry Shein)
Newsgroups: comp.unix.internals
Subject: Re: Finding Passwords
Message-ID: <BZS.90Oct6191703@world.std.com>
Date: 6 Oct 90 23:17:03 GMT
References: <8685@mirsa.inria.fr> <12438:Oct223:00:3290@kramden.acf.nyu.edu>
	<651@puck.mrcu> <21948:Oct606:29:2890@kramden.acf.nyu.edu>
	<52347@brunix.UUCP>
Sender: bzs@world.std.com (Barry Shein)
Organization: The World
Lines: 18
In-Reply-To: cgy@cs.brown.edu's message of 6 Oct 90 17:03:49 GMT


>But why should
>login be setuid?  Seems to me it only really needs to be executed by
>getty, which runs as root anyway.  Flame me if I am completely confused.

you're not completely confused, only a little :-)

People run "login user" directly to re-login as another user, similar
to using su but killing the previous environment. One good reason for
doing this is you want the new environment and logging out/in would
drop a modem connection, not uncommon. This gets around this (there
are other possible situations, of course, but I figured I'd head off
"give me one good reason why...")
-- 
        -Barry Shein

Software Tool & Die    | {xylogics,uunet}!world!bzs | bzs@world.std.com
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD