Date: Tue, 16 Jul 1996 10:39:14 -0400 (EDT) From: Brian Tao <taob@io.org> To: Sean Kelly <kelly@fsl.noaa.gov> Cc: phk@freebsd.org, freebsd-security@freebsd.org Subject: Re: suidness of /usr/bin/login Message-ID: <Pine.NEB.3.92.960716103736.13237F-100000@zap.io.org> In-Reply-To: <199607161434.OAA26815@gatekeeper.fsl.noaa.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 16 Jul 1996, Sean Kelly wrote:
>
> exec /usr/bin/login
>
> to terminate one login session and start another, on the same tty/pty.
> In fact, csh/tcsh has a builtin `login' which does the exec.
Other than that, there is no real need for it to be setuid root
(since telnetd and getty are both already running as root). I guess
this would put it under "setuid root subject to local policy".
--
Brian Tao (BT300, taob@io.org, taob@ican.net)
Senior Systems and Network Administrator, Internet Canada Corp.
"Though this be madness, yet there is method in't"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.92.960716103736.13237F-100000>