Date: Sun, 14 Sep 1997 22:17:16 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: jkh@time.cdrom.com (Jordan K. Hubbard) Cc: hackers@FreeBSD.ORG Subject: Re: Here's an interesting bug in our utmp handling. Message-ID: <199709142217.PAA25420@usr09.primenet.com> In-Reply-To: <10396.874268145@time.cdrom.com> from "Jordan K. Hubbard" at Sep 14, 97 01:15:45 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> Log in somehow (real login, xterm -ls, whatever) and verify your
> user/[pt]ty combo by doing who(1) and tty(1) commands. Now use
> login(1) to log in as some other user and do the who/tty thing again.
> You'll have a new utmp entry for the user you just logged in as. Now
> log out and do another who(1). You'll have had your utmp entry
> smashed and still show up as the user you logged in and out again as.
>
> Not sure how to fix this one - it's "interesting." :)
Read the login man page. Login is supposed to be exec'ed by
the shells:
The standard shells, csh(1) and sh(1), do not fork before executing the
login utility.
So it is supposed to be impossible to do the "Now log out and do another
who(1)." part of repeating the "problem".
If you want to become another user and return to yourself afterwards,
use the "su" command. Since it keeps running, it can change things
like the utmp entry, and put it back afterwards (though it doesn't
fiddle utmp, even when you specify "-l"; that's probably a bug, too).
Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199709142217.PAA25420>