Why you shouldn't chmod 500 /bin/login
Spencer W. Thomas
thomas at utah-gr.UUCP
Wed Nov 21 16:55:16 AEST 1984
In article <1173 at orca.UUCP> andrew at orca.UUCP (Andrew Klossner) writes:
>
>The big win of the builtin shell "login" command is that it logs me out
>and lets you log in without hanging up the modem line. If you chmod
>500 /bin/login, then the line will drop when exec("/bin/login") fails.
>Inconvenient.
An easy fix (if you have source) is to have /bin/login check if its ppid
== 1, and exit if not. Foils those recursive logins right away. Still
doesn't protect against the password collectors, though. If you don't
have source, compile the little program below (call it ./login) and
mv /bin/login /etc/login; chmod 500 /etc/login
cp ./login /bin/login
chmod 777 /bin/login; chmod u+s /bin/login
/*
* Quick hack to prevent recursive logins. Install as /bin/login, after
* copying /bin/login to /etc/login (mode 500). Must be setuid root.
*
* NOTE and DISCLAIMER - this is completely untested, I haven't even
* compiled it.
*/
#include <stdio.h>
main( argc, argv )
char **argv;
{
if ( getppid() !=1 )
{
fprintf( stderr, "Can't do recursive logins\n" );
exit( 1 );
}
execv( "/etc/login", argv );
perror( "Can't exec login" );
exit( 1 );
}
More information about the Comp.unix.wizards
mailing list