Re: why is /bin/login suid root on some systems?

From: Casper H.S. Dik (Casper.Dik@Sun.COM)
Date: 08/28/02


From: Casper H.S. Dik <Casper.Dik@Sun.COM>
Date: 28 Aug 2002 17:06:46 GMT

Ralf Fassel <ralfixx@gmx.de> writes:

>* Barry Margolin <barmar@genuity.net>
>| The builtin checks whether it's being run from a login shell, and
>| reports an error if not. If you execute /bin/login directly, on
>| Solaris 2.6 it checks whether there's a utmpx entry for the current
>| tty; if there isn't, it assumes you're not in a login shell.
>|
>| I don't think early versions had all these checks; they become more
>| necessary with the advent of window systems.

>Just being curious: why would it be necessary to check for a login
>shell before exec login? Any security related issues? Or just that
>`who' does report the wrong things?

Some stuff depends on getlogin(); I remember sending mail after doing
login in a subshell "(login friend)" and logging back out; the mail
still had my friend's name as "from" address.

Casper

-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.



Relevant Pages

  • SUMMARY: how to set correct path?
    ... ven if we login with ssh. ... For BASH login shell, place the system wide ENV variables, such as PATH, ... You can set Use_login in the sshd_config to yes and restart sshd. ...
    (SunManagers)
  • Re: Shell confusion
    ... comment about a login shell, ... -bash: xorg.conf: command not found ... root environment which moves me back to /root. ...
    (Fedora)
  • Re: $PATH and /etc/profile
    ... think the debian maintainers would have done this a long time ago? ... > starting X from a login shell. ... .xsession is there for users to set up their system. ... > at their X scripts the xsession is exec'd through a login shell precisely as ...
    (Debian-User)
  • Re: consent to monitoring banner for ssh
    ... # Note that output goes into the .xsession-errors file for easy debugging ... You don't need set the everyone's login shell, ... everyone's login shell to a locally-written perl script. ...
    (RedHat)
  • Re: Detailed logging of ssh sessions
    ... >via ssh). ... come in some way from the login shell. ... I'd just experiment with using script in some way ...
    (freebsd-questions)