Path: utzoo!utgpu!watmath!focsys!larry
From: larry@focsys.UUCP (Larry Williamson)
Newsgroups: comp.unix.microport
Subject: Re: 386 3.0e login patch allows root anywhere
Summary: Sure, why not?
Message-ID: <420@focsys.UUCP>
Date: 21 Apr 89 15:44:52 GMT
References: <12502@reed.UUCP>
Reply-To: larry@focsys.UUCP (Larry Williamson)
Organization: Focus Automation Systems, Waterloo, Ontario.
Lines: 22

In article <12502@reed.UUCP> keithb@reed.UUCP (Keith Brown) writes:
> 
>I hacked into the login program and found a one-byte change that moves
>the 'restricted to (main) console' UID from 0 (root) to any other value
> 
> [..]  Should I post it?  

Sure, why not?

But then would it not be easier to simply install the login replacement
that "John F.  Haug II" posted a few weeks back?

You get shadow passwords.

You can define what ports 'root' can log in on.

You have the source, so you don't have to patch binaries.

etc, etc, etc.
-- 
Larry Williamson  -- Focus Systems -- Waterloo, Ontario
                  watmath!focsys!larry  (519) 746-4918