From owner-freebsd-security  Fri Sep 22  7:19:48 2000
Delivered-To: freebsd-security@freebsd.org
Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44])
	by hub.freebsd.org (Postfix) with ESMTP id 61E5C37B422
	for <freebsd-security@FreeBSD.ORG>; Fri, 22 Sep 2000 07:19:43 -0700 (PDT)
Received: (from daemon@localhost)
	by point.osg.gov.bc.ca (8.8.7/8.8.8) id HAA07949;
	Fri, 22 Sep 2000 07:17:47 -0700
Received: from passer.osg.gov.bc.ca(142.32.110.29)
 via SMTP by point.osg.gov.bc.ca, id smtpda07947; Fri Sep 22 07:17:42 2000
Received: (from uucp@localhost)
	by passer.osg.gov.bc.ca (8.9.3/8.9.1) id HAA16154;
	Fri, 22 Sep 2000 07:16:17 -0700 (PDT)
Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com"
 via SMTP by passer9.cwsent.com, id smtpdT16150; Fri Sep 22 07:15:22 2000
Received: (from uucp@localhost)
	by cwsys.cwsent.com (8.11.0/8.9.1) id e8MEF9o11149;
	Fri, 22 Sep 2000 07:15:09 -0700 (PDT)
Message-Id: <200009221415.e8MEF9o11149@cwsys.cwsent.com>
Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys"
 via SMTP by localhost.cwsent.com, id smtpdv11136; Fri Sep 22 14:14:39 2000
X-Mailer: exmh version 2.1.1 10/15/1999
Reply-To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
X-OS: FreeBSD 4.1-RELEASE
X-Sender: cy
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc: "Yuri A. Wolf" <subs@proxy.obk.ru>, freebsd-security@FreeBSD.ORG
Subject: Re: I thinked it is fixed 
In-reply-to: Your message of "Thu, 21 Sep 2000 22:32:53 EDT."
             <200009220232.WAA10152@khavrinen.lcs.mit.edu> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 22 Sep 2000 07:14:38 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <200009220232.WAA10152@khavrinen.lcs.mit.edu>, Garrett 
Wollman write
s:
> <<On Fri, 22 Sep 2000 09:26:54 +0700 (NOVST), "Yuri A. Wolf" <subs@proxy.obk.
> ru> said:
> 
> > 1. Login normally as root
> > 2. Do the next 
> >  #/usr/bin/login -f userx
> > Now I'm non-root user 'userx'. 
> > 3. Exit back
> >  $^D
> >  #
> > Now I'm root, right? But try to do "who", "who am i", "finger", they all
> > say 'userx'.
> 
> Don't do that then.
> 
> (Perhaps login(8) should fail if it's not the session leader.  I'm not
> sure there's actually a way to reliably detect whether it is or not.)

Solaris does this:

dragon# login -f foobar
No utmpx entry. You must exec "login" from the lowest level "shell".
dragon# 


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message