Bugtraq mailing list archives

Re: disabling login in V1 #14

From: wrf () ecse rpi edu (Wm Randolph Franklin)
Date: Thu, 18 Aug 1994 17:13:43 -0400


Concerning:

We've turned off public execute permission for login. The only thing
this breaks is the ability to type "login foo" and log in as foo after
being logged in as somebody else. su or "rlogin localhost -l foo" are 
perfectly suitable alternatives.


login is somewhat easier than those alternatives, altho not enough
easier to justify keeping it public.

1. su doesn't change over the whole environment, run .login, etc.
su is reversible by typing ^d.  login is and is not, resp.

2. rlogin may be already disabled for various reasonably good
reasons.  This leaves only telnet, if anything.  telnet doesn't
pass window properties.


-----------------
Wm. Randolph Franklin,  wrf () ecse rpi edu, (518) 276-6077;  Fax: -6261
ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180 USA
 For more info, including PGP and RIPEM keys, finger -l wrf () ecse rpi edu

Current thread:

Re: Solaris 2.3 login Jas (Aug 11)
- <Possible follow-ups>
- Re: Solaris 2.3 login richard oxbrow (Aug 12)
- Re: Solaris 2.3 login jatipper () vnet IBM COM (Aug 12)
- Re: Solaris 2.3 login Perry E. Metzger (Aug 12)
- Re: Solaris 2.3 login John DiMarco (Aug 12)
  - Re: disabling login in V1 #14 Wm Randolph Franklin (Aug 18)
    - Re: disabling login in V1 #14 matthew green (Aug 19)
- Re: Solaris 2.3 login Peter Wemm (Aug 12)
- Re: Solaris 2.3 login Evil Pete (Aug 12)
- Re: Solaris 2.3 login Marc W. Mengel (Aug 12)
- Re: Solaris 2.3 login Christopher A. Stewart (Aug 12)
- Re: Solaris 2.3 login David Barr (Aug 14)