Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site rlgvax.UUCP
Path: utzoo!linus!philabs!cmcl2!seismo!rlgvax!guy
From: guy@rlgvax.UUCP (Guy Harris)
Newsgroups: net.unix-wizards
Subject: Re: shell scripts as login shells
Message-ID: <503@rlgvax.UUCP>
Date: Tue, 19-Feb-85 21:29:22 EST
Article-I.D.: rlgvax.503
Posted: Tue Feb 19 21:29:22 1985
Date-Received: Thu, 21-Feb-85 05:41:36 EST
References: <7982@brl-tgr.ARPA> <97@timeinc.UUCP> <440@down.FUN> <1166@sunybcs.UUCP> <427@lsuc.UUCP>
Organization: CCI Office Systems Group, Reston, VA
Lines: 16

> In article <1166@sunybcs.UUCP> loverso@sunybcs.UUCP (John Robert LoVerso) writes:
> ||I've found that a shell (sh or csh) script thats somebody's login shell can't be
> ||stopped or broken out of w/o logging the person out.  Therefore, the "window
> ||of vulnerability" is removed.
> 
> Sorry, that won't work on v7 systems, where you can't execute a shell
> file with exec(2), which is what login uses (execlp, actually).

Sorry, that *will* work on V7 (and 4.xBSD, and Sys3, and SysV) systems,
where "execlp" *does* execute a shell file (as long as it has the appropriate
execute permission bit set).  I just tried an account with a shell script
as its login shell on our system (with a System III "login"), and it worked
just fine.

	Guy Harris
	{seismo,ihnp4,allegra}!rlgvax!guy