Re: Request for discussion.

[newsham () aloha net (Timothy Newsham)]

> By the same token, many people dont run /bin/login suid root.  So in this
> instance, you're just swapping one privileged program for another?  Is
> login better to have running as root than telnetd?  I can think of more
> published holes in login.

Login inherently has to be run as root.  It doesn't inherently have to
be suid though.  If you dont want normal users running login from the
command line you can put an ACL on the file (if you have support for
that in your kernel) or you can have the program check the uid of
the invoking process itself (basically an ACL built into the program).

> Also what about changing ownership/permissions of your pty (on BSD based
> pty systems) on login/logout, and writing wtmp records on logout?

Ah.  This is the reason.  This is something I wanted to see fixed a
long time ago.  There are several ways of handling this.  The one
I like is having a program that will write the utmp and chown the
pty all in one step for you.  This program would run at a "utmp"
priveledge level.

> Mailed using ELM on FreeBSD               |                    Karl Strickland
> PGP 2.3a Public Key Available.            | Internet: karl () bagpuss demon co uk