Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!elroy.jpl.nasa.gov!freedom!cornutt
From: cornutt@freedom.msfc.nasa.gov (David Cornutt)
Newsgroups: comp.unix.admin
Subject: Re: Forcing actions at login
Message-ID: <1991Jan23.183151.11363@freedom.msfc.nasa.gov>
Date: 23 Jan 91 18:31:51 GMT
References: <6153@ecs.soton.ac.uk> <446@minya.UUCP> <1991Jan10.191546.268@am.sublink.org> <449@minya.UUCP> <1991Jan16.000012.26467@lokkur.dexter.mi.us> <1991Jan22.023543.934@melb.bull.oz.au> <1991Jan22.185016.15252@freedom.msfc.nasa.gov> <2679@wn1.sci.kun
Organization: MSFC
Lines: 20

.nl>

hansm@cs.kun.nl (Hans Mulder) writes:

[replying to my entry in the Stupid Login Tricks contest]
>It won't work on most systems, as the C shell ignores .cshrc and
>.login files not owned by the effective uid, for security reasons.

I have not encountered this.  If it's true, then the other suggestion
(of having everyone's .login/.cshrc owned by root) won't work either.

You're correct in that there isn't a good way to prevent the ambitious
users from modifying their shell setup somehow, short of totally
locking them into a captive environment where they never see a prompt.

-- 
David Cornutt, New Technology Inc., Huntsville, AL  (205) 461-6457
(cornutt@freedom.msfc.nasa.gov; some insane route applies)
"The opinions expressed herein are not necessarily those of my employer,
not necessarily mine, and probably not necessary."