Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84 + RN 4.3; site inset.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxn!ihnp4!qantel!lll-crg!seismo!mcvax!ukc!stc!inset!nick
From: nick@inset.UUCP (Nick Stoughton)
Newsgroups: net.unix-wizards
Subject: Re: login setuid root
Message-ID: <808@inset.UUCP>
Date: Wed, 27-Nov-85 14:42:39 EST
Article-I.D.: inset.808
Posted: Wed Nov 27 14:42:39 1985
Date-Received: Fri, 29-Nov-85 21:49:58 EST
References: <380@sol1.UUCP>
Reply-To: nick@inset.UUCP (Nick Stoughton)
Organization: The Instruction Set Ltd., London, UK.
Lines: 20
Xpath: stc stc-a

In article <380@sol1.UUCP> john@sol1.UUCP (John Korsmeyer) writes:
>I would appreciate someone filling me in on the advantages/disadvantages
>of running login setuid to root. BTW our login forks, not execs the
>login shell. (for accounting purposes).

If login is not setuid root, then it will fail to setuid to the person
logging in, unless perchance it was root who called login. This means
that calling login when you ARE logged in (and I don't understand the
need to fork) will fail unless you are logging in as yourself, or you
were logged in as root. Also, login needs to write to protected files
(e.g. /etc/utmp).

NOTE forking will probably mean that /etc/utmp gets screwed up
("who am i" when you log out, and revert to the original user, will be
WRONG).
--------
Nick Stoughton
nick@inset.co.uk
nick@inset.UUCP
...!ukc!inset!nick