Path: utzoo!telly!attcan!craig
From: craig@attcan.UUCP (Craig Campbell)
Newsgroups: comp.unix.admin
Subject: Re: Network Logins
Message-ID: <15272@vpk4.UUCP>
Date: 29 May 91 13:30:28 GMT
References: <1991May28.135719.13805@cs.utk.edu>
Reply-To: craig@vpk4.ATT.COM (Craig Campbell)
Organization: AT&T Canada Inc., Toronto
Lines: 25

In article <1991May28.135719.13805@cs.utk.edu> woo@ornl.gov (John W. Wooten) writes:
>Is there a way to set up workstations so that if a user types
> woo@woonext.dsrd.ornl.gov at login, the login procedure would open a telnet  
>session to the machine described without every giving access to the physical  
>machine he's standing in front of?  I'm looking for a way to allow people to
>walk up to a workstation in someone else's office and (with their permission)  
>allow them to access their own workstation without having to have an account  
>opened or without letting them use a terminal window in another users open  
>area.  Has this been done?  Is it doable?  How?

Well, you could replace the /bin/login program with a filter program of your
own.  If the login name is in the form you describe above, then you could 
exec telnet or rlogin or some other appropriate program, with the proper
parameters.  You would aslo need to verify that unexpected input did not
create a security breach, since at the point of time of the exec, your
UID and GID could well be root or sys, or even undefined.
 
If the login name was not of the special form, then pass the parameter(s) to
the "real" (original) login program via another exec.

Seems simple enough (in theory anyway).  Just beware security breaches.

craig