Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 (Tek) 9/26/83; site orca.UUCP
Path: utzoo!linus!decvax!tektronix!orca!andrew
From: andrew@orca.UUCP (Andrew Klossner)
Newsgroups: net.unix-wizards
Subject: Why you shouldn't chmod 500 /bin/login
Message-ID: <1173@orca.UUCP>
Date: Mon, 19-Nov-84 04:08:07 EST
Article-I.D.: orca.1173
Posted: Mon Nov 19 04:08:07 1984
Date-Received: Wed, 21-Nov-84 04:48:03 EST
References: <5807@brl-tgr.ARPA> <269@ut-sally.UUCP>
Organization: Tektronix, Wilsonville OR
Lines: 18

[No white space here.  Better luck next time, news eater bug]

	"Make /bin/login mode 500 owned by root and it will fail on
	exec, usually causing /etc/init to fork another copy of itself
	and the new user to thus get a fresh copy of /bin/login for
	normal login, or (perhaps with parentheses) an error message
	from the shell.  This mode also makes realistic login
	simulators (of the sort that want to collect your password)
	harder to write, since they can't just exec /bin/login
	afterwards and leave the user no wiser."

The big win of the builtin shell "login" command is that it logs me out
and lets you log in without hanging up the modem line.  If you chmod
500 /bin/login, then the line will drop when exec("/bin/login") fails.
Inconvenient.

  -- Andrew Klossner   (decvax!tektronix!orca!andrew)       [UUCP]
                       (orca!andrew.tektronix@csnet-relay)  [ARPA]