Bugtraq mailing list archives

Re: who


From: paul () BOEHM ORG (Paul Boehm)
Date: Wed, 29 Jul 1998 14:19:32 +0200


On Wed, Jul 29, 1998 at 01:03:11PM +0100, Alan Cox wrote:
> > which is allowed to read utmp. On redhat linux 5.1 you can
> > easily crash who by many different ways (e.g. try who /bin/bash)

> It's not running with any kind of setuid or setgid permissions in any Linux
> I know of.

an admin may want to use sgid/suid to prevent users from directly reading
utmp/wtmp. i think it's a good idea, not allowing everyone to read files
they don't need to read.

But that group shouldn't be a general group for
all kinds of these special permission handlings,
cause via for example 'who' you can gain access to this group.

i don't know if any distribution defaults to setting any group permissions
but many sysadmins i know do so.

bye,
    pb

--

[ Paul S. Boehm | paul () boehm priv at | http://paul.boehm.org/ | infected@irc ]

Money is what gives a programmer his resources. It's an exchange system created
by human beings. It surrounds us. Works for us, binds the economy together.
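
The point made in the message above (a group used for a setgid `who` should guard nothing except utmp/wtmp) can be checked with a short audit. This is an added example, not part of the original post; the function names, the `expected` allowlist and the demo file names are assumptions, and the sample tree is constructed.

```python
import os, stat, tempfile
from collections import defaultdict

def audit_setgid_groups(root):
    """Map gid -> setgid programs running as that group, and files gated by that group."""
    report = defaultdict(lambda: {"setgid": [], "guarded": []})
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue
            mode = st.st_mode
            if mode & stat.S_ISGID and mode & stat.S_IXGRP:
                report[st.st_gid]["setgid"].append(path)
                continue
            # Group bits that "other" lacks: access depends on group membership.
            group_only = ((mode & 0o070) >> 3) & ~(mode & 0o007)
            if group_only:
                report[st.st_gid]["guarded"].append(path)
    return report

def overbroad_groups(report, expected=("utmp", "wtmp")):
    """Return {gid: unexpected guarded files} for groups reachable via a setgid program."""
    findings = {}
    for gid, entry in report.items():
        if not entry["setgid"]:
            continue
        extra = sorted(p for p in entry["guarded"]
                       if os.path.basename(p) not in expected)
        if extra:
            findings[gid] = extra
    return findings

def build_demo_tree():
    """Constructed sample: a setgid 'who' sharing its group with an unrelated file."""
    root = tempfile.mkdtemp(prefix="sgid-demo-")
    for name, mode in (("who", 0o2755), ("utmp", 0o640), ("wtmp", 0o640),
                       ("payroll.db", 0o640), ("motd", 0o644)):
        path = os.path.join(root, name)
        open(path, "w").close()
        os.chmod(path, mode)
    return root

if __name__ == "__main__":
    demo = build_demo_tree()
    for gid, files in overbroad_groups(audit_setgid_groups(demo)).items():
        print(f"gid {gid}: group of a setgid program also guards {files}")
```

Any file it reports is one that a fault in the setgid program would expose along with utmp/wtmp, which is the argument for giving `who` a dedicated group.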


