Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site phri.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxn!ihnp4!pesnta!phri!roy
From: roy@phri.UUCP (Roy Smith)
Newsgroups: net.unix-wizards
Subject: Re: Question about uid check in csh's source command (recap & summary)
Message-ID: <2108@phri.UUCP>
Date: Fri, 3-Jan-86 11:12:07 EST
Article-I.D.: phri.2108
Posted: Fri Jan  3 11:12:07 1986
Date-Received: Sat, 4-Jan-86 17:12:16 EST
References: <2098@phri.UUCP> <2442@ukma.UUCP>
Distribution: net
Organization: Public Health Research Inst. (NY, NY)
Lines: 28


	To recap, I asked why csh won't source a .login or .cshrc file if
it is not owned by the current user.  I got onto this is because I want to
make csh read a system-wide startup file (/usr/lib/csh.login, for example)
before reading $HOME/.login.

	Thanks to the many people that replied.  Most people said that if
you leave your home directory mode 777 (i.e. writable by others) anybody
can come along and replace your .login with one of their own devious design
(like maybe "rm -rf *").

	I find these arguments a bit absurd.  It's like saying I shouldn't
leave my keys laying on the kitchen table when I go to sleep because if I
forget to lock the front door, anybody could walk in and steal them.

	Once I leave my directory unprotected, anybody can come along and
wreak all sorts of havoc without resorting to anything as subtle as playing
games with my .login file.  Leaving a random shell script called "ls" in my
home directory comes to mind if they wanted to be discrete.  Simply doing
"rm *" is effective if they don't care much for being fancy.

	There is, BTW, a way to get around this uid test.  If you just
define INGRES, the test is skipped.  I suppose simply adding a "-DINGRES"
to the Makefile would be the easiest way to do this.
-- 
Roy Smith <allegra!phri!roy>
System Administrator, Public Health Research Institute
455 First Avenue, New York, NY 10016