Date: Mon, 15 Sep 1997 10:06:20 +0930 From: Greg Lehey <grog@lemis.com> To: Terry Lambert <tlambert@primenet.com> Cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>, hackers@FreeBSD.ORG Subject: Re: Here's an interesting bug in our utmp handling. Message-ID: <19970915100620.36991@lemis.com> In-Reply-To: <199709142217.PAA25420@usr09.primenet.com>; from Terry Lambert on Sun, Sep 14, 1997 at 10:17:16PM %2B0000 References: <10396.874268145@time.cdrom.com> <199709142217.PAA25420@usr09.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 14, 1997 at 10:17:16PM +0000, Terry Lambert wrote: >> Log in somehow (real login, xterm -ls, whatever) and verify your >> user/[pt]ty combo by doing who(1) and tty(1) commands. Now use >> login(1) to log in as some other user and do the who/tty thing again. >> You'll have a new utmp entry for the user you just logged in as. Now >> log out and do another who(1). You'll have had your utmp entry >> smashed and still show up as the user you logged in and out again as. >> >> Not sure how to fix this one - it's "interesting." :) > > Read the login man page. Login is supposed to be exec'ed by > the shells: > > The standard shells, csh(1) and sh(1), do not fork before executing the > login utility. > > So it is supposed to be impossible to do the "Now log out and do another > who(1)." part of repeating the "problem". Thanks. That's the answer. > If you want to become another user and return to yourself afterwards, > use the "su" command. Since it keeps running, it can change things > like the utmp entry, and put it back afterwards (though it doesn't > fiddle utmp, even when you specify "-l"; that's probably a bug, too). Unfortunately, this isn't. Obviously, if you can return, you sh hasn't exec'ed login, it's forked first. Look: $ ps utpc USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND grog 17431 1.3 0.3 500 288 pc Ss 10:02AM 0:00.27 sh grog 17441 0.0 0.3 640 276 pc R+ 10:03AM 0:00.00 ps -utpc $ login yvonne Password: Last login: Mon Sep 15 10:02:36 on ttypc Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 3.0-CURRENT (FREEBIE) #26: Thu Sep 11 04:58:01 CST 1997 $ ps utpc USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND yvonne 17442 5.3 0.9 1032 880 pc S 10:03AM 0:00.29 -bash (bash) grog 17431 0.5 0.3 500 288 pc Ss 10:02AM 0:00.27 sh yvonne 17454 0.0 0.3 640 272 pc R+ 10:03AM 0:00.00 ps -utpc sh and bash both do this; I haven't checked csh. I don't understand why login should ever be called interactively. We have su for that. Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970915100620.36991>