Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!ames!sdcsvax!ucbvax!ucsfcgl!pixar!bp
From: bp@pixar.UUCP
Newsgroups: comp.unix.wizards
Subject: Built-in login command (was umask under 4.3 BSD)
Message-ID: <845@pixar.UUCP>
Date: Thu, 11-Jun-87 00:50:17 EDT
Article-I.D.: pixar.845
Posted: Thu Jun 11 00:50:17 1987
Date-Received: Sat, 13-Jun-87 08:21:46 EDT
References: <7700@brl-adm.ARPA> <20397@sun.uucp> <7430@elsie.UUCP>
Reply-To: bp@pixar.UUCP (Bruce Perens)
Distribution: na
Organization: Pixar -- Marin County, California
Lines: 13
Keywords: /bin/login, umask(), security
Summary: lots of process information passes through the built-in login command.

[ In <7430@elsie.UUCP> Arthur Olson (ado@elsie) wrote about the built-in    ]
[ login command passing the umask to a new login because there's no umask() ]
[ call in 4.3 /bin/login ]

In 4.3, the built-in login command of the shells does indeed pass the umask
to the new login, but this is hardly the only bug born of the built-in
login command: It'll pass resource limits (as in vlimit() and the csh limit
command), and lots of other process information. Sites that are concerned
with security simply chmod /bin/login to 744, so that the built-in login
command won't work and the user must exit the shell to get a new login.

						Bruce Perens
						{ucbvax,sun}!pixar!bp