Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!munnari!davids
From: davids@munnari.oz (David Spaziani)
Newsgroups: comp.unix.xenix
Subject: Re: tty watcher
Message-ID: <1829@munnari.oz>
Date: Thu, 17-Sep-87 23:29:28 EDT
Article-I.D.: munnari.1829
Posted: Thu Sep 17 23:29:28 1987
Date-Received: Sat, 19-Sep-87 18:58:59 EDT
References: <198@flmis06.ATT.COM>
Organization: Comp Sci, Melbourne Uni, Australia
Lines: 28

in article <198@flmis06.ATT.COM>, mikel@flmis06.ATT.COM (Mikel Manitius) says:
> Xref: munnari comp.unix.xenix:342
> 
>>2) is the major point here; there are no tty watchers that consist solely of a
>>user-mode program that drops on top of a non-hacked UNIX system.
> 
> I saw this done on 4.1bsd once, I even had the code that did it. [...]
> 
> This sort of thing should be feasable on most Unix systems...

I worked with two other guys on a tty watcher for 4.2bsd. The idea
was to connect the users shell to a pty, and place a transparent "switch"
process between the tty and the pty. To see what the user was doing,
you could connect to the switch and get a copy of all i/o. The priveledged
user controlling the switch could also do nice things like commandeer
the users shell, change the default shell, log the user out,
or prevent logins altogether (plus a few other things).

The whole thing worked, and without a single hack to the kernel. I still
have the code.

		davids
		======

===========================
UUCP:	{seismo,mcvax,ukc,ubc-vision}!munnari!davids
ARPA:	davids%munnari.oz@seismo.css.gov
CSNET:	davids%munnari.oz@australia