Date: Mon, 15 Sep 1997 10:06:20 +0930 From: Greg Lehey <grog@lemis.com> To: Terry Lambert <tlambert@primenet.com> Cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>, hackers@FreeBSD.ORG Subject: Re: Here's an interesting bug in our utmp handling. Message-ID: <19970915100620.36991@lemis.com> In-Reply-To: <199709142217.PAA25420@usr09.primenet.com>; from Terry Lambert on Sun, Sep 14, 1997 at 10:17:16PM %2B0000 References: <10396.874268145@time.cdrom.com> <199709142217.PAA25420@usr09.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 14, 1997 at 10:17:16PM +0000, Terry Lambert wrote:
>> Log in somehow (real login, xterm -ls, whatever) and verify your
>> user/[pt]ty combo by doing who(1) and tty(1) commands. Now use
>> login(1) to log in as some other user and do the who/tty thing again.
>> You'll have a new utmp entry for the user you just logged in as. Now
>> log out and do another who(1). You'll have had your utmp entry
>> smashed and still show up as the user you logged in and out again as.
>>
>> Not sure how to fix this one - it's "interesting." :)
>
> Read the login man page. Login is supposed to be exec'ed by
> the shells:
>
> The standard shells, csh(1) and sh(1), do not fork before executing the
> login utility.
>
> So it is supposed to be impossible to do the "Now log out and do another
> who(1)." part of repeating the "problem".
Thanks. That's the answer.
> If you want to become another user and return to yourself afterwards,
> use the "su" command. Since it keeps running, it can change things
> like the utmp entry, and put it back afterwards (though it doesn't
> fiddle utmp, even when you specify "-l"; that's probably a bug, too).
Unfortunately, this isn't. Obviously, if you can return, you sh
hasn't exec'ed login, it's forked first. Look:
$ ps utpc
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
grog 17431 1.3 0.3 500 288 pc Ss 10:02AM 0:00.27 sh
grog 17441 0.0 0.3 640 276 pc R+ 10:03AM 0:00.00 ps -utpc
$ login yvonne
Password:
Last login: Mon Sep 15 10:02:36 on ttypc
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 3.0-CURRENT (FREEBIE) #26: Thu Sep 11 04:58:01 CST 1997
$ ps utpc
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
yvonne 17442 5.3 0.9 1032 880 pc S 10:03AM 0:00.29 -bash (bash)
grog 17431 0.5 0.3 500 288 pc Ss 10:02AM 0:00.27 sh
yvonne 17454 0.0 0.3 640 272 pc R+ 10:03AM 0:00.00 ps -utpc
sh and bash both do this; I haven't checked csh.
I don't understand why login should ever be called interactively. We
have su for that.
Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970915100620.36991>