Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!decvax!harpo!seismo!hao!hplabs!sri-unix!bob@ucla-locus
From: bob%ucla-locus@sri-unix.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Should "su" change the USER environment variable?
Message-ID: <13487@sri-arpa.UUCP>
Date: Wed, 9-Nov-83 13:48:54 EST
Article-I.D.: sri-arpa.13487
Posted: Wed Nov  9 13:48:54 1983
Date-Received: Sat, 12-Nov-83 13:58:50 EST
Lines: 17

From:            Bob English <bob@ucla-locus>

There are many ways of preventing people from putting semi-random
garbage in /etc/utmp.  The simplest way that I know of is to make
login a simple executable file rather than a set-uid program.  If
you want to keep people from fooling themselves, make login mode
700.

I'm not sure that a layered login is a good idea (it invites
look-alikes), but I would be interested in knowing how it was
done if someone has actually done it.

One possibility is to have login fork off the shell (rather than
execing) and clean up when the shell exits.  This is what init
does now for login.

--bob--