Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site lsuc.UUCP
Path: utzoo!lsuc!dave
From: dave@lsuc.UUCP (David Sherman)
Newsgroups: net.unix-wizards
Subject: Re: Re: UNIX source vs. binary (NOT A LEGAL ARGUMENT)
Message-ID: <427@lsuc.UUCP>
Date: Mon, 18-Feb-85 21:17:37 EST
Article-I.D.: lsuc.427
Posted: Mon Feb 18 21:17:37 1985
Date-Received: Mon, 18-Feb-85 22:28:26 EST
References: <7982@brl-tgr.ARPA> <97@timeinc.UUCP> <440@down.FUN> <1166@sunybcs.UUCP>
Reply-To: dave@lsuc.UUCP (David Sherman)
Organization: Law Society of Upper Canada, Toronto
Lines: 12
Summary: login can't exec a shell file on all systems

In article <1166@sunybcs.UUCP> loverso@sunybcs.UUCP (John Robert LoVerso) writes:
||I've found that a shell (sh or csh) script thats somebody's login shell can't be
||stopped or broken out of w/o logging the person out.  Therefore, the "window
||of vulnerability" is removed.

Sorry, that won't work on v7 systems, where you can't execute a shell
file with exec(2), which is what login uses (execlp, actually).

Dave Sherman
-- 
{utzoo pesnta nrcaero utcs}!lsuc!dave
{allegra decvax ihnp4 linus}!utcsri!lsuc!dave