Path: utzoo!dptcdc!jarvis.csri.toronto.edu!mailrus!ames!killer!rpp386!spdyne!root From: root@spdyne.UUCP Newsgroups: comp.unix.microport Subject: Re: Microport Status, Net Buyout Message-ID: <1700025@spdyne> Date: 17 Apr 89 22:57:00 GMT References: <27784@cci632.UUCP> Lines: 43 Nf-ID: #R:cci632.UUCP:27784:spdyne:1700025:000:1852 Nf-From: spdyne.UUCP!root Apr 17 16:57:00 1989 plocher%sally@Sun.COM Writes: > +---- In article <1700020@spdyne> Chert Pellett writes: (ME..) > | I'd like to pick up the text prep tools from interactive, but I don't care > | for the rest of the system. [A wonderful example is the way that 'su' is > | broke: if you su [to any user or root], from any tty other than the console, > | it will log you off! > +---- > > In the directory /etc/default there are several text files which you might > want to look at. One of them is called login, another good one is called su. > Edit these and Delete the "CONSOLE=/dev/console" line in each file. This > will allow root logins anywhere (/etc/default/login) and allow anyone to su > from anywhere (/etc/default/su) (as long as they know the correct passwords!) > > You must be root to edit these files. > > Don't blame ISC for this, it is a Good Thing to have! Can you spell > S E C U R I T Y ? Yes, I knew you could. :-) > > -John Plocher Hummm... Can you spell D O C U M E N T A T I O N ? Didn't think so..:-) {Directed toward AT&T - Not John..) Just try to find at least one line of documentation on this... Sigh, I noticed that on Uport, the directory doesn't exist at all! No wonder things are working like I would expect.. Yes, it is more secure to have get_passwd (3S?) only work on the console, but let's be real, Rogue7 uses it! [For Wizard mode...] [Someone else posted that it was the code in get_passwd(3S) that did this checking.] As well as a BUNCH of other similar programs!! That could be used on any port. I would prefer to have Su return an error status and issue the message "Sorry." like it does when you get the password wrong. Logging someone off because they attempted to Su to uucp [or some other user], is just plain stupid. At least having it do it by default is... -Chert Pellett chert@spdyne