In message <9404251805 .
ss1> you write:
>>From: "Mark R. Ludwig" <Mark-Ludwig @
>>Don't remove setUID on /bin/login, for example.
>The only reason for keeping the setUID bit on /bin/login is to
>enable people to say 'login fred', instead of 'exit' followed by
>logging in as fred.
>A very silly idea IM(NS)HO! It means extra code in /bin/sh, /bin/csh
>etc to make login a builtin command which will exec /bin/login,
>rather than fork and exec it as it would any other command.
>Real Unix (i.e. 10th Edition) has abandoned the setUID bit on this
>command. We (Bath University) have run without the setUID bit on
>/bin/login for a number of years.
>I suggest that you remove the setUID bit, and update your manual
>pages to remove the reference to 'login' as being a builtin command.
Doesn't /bin/login write entries (records of logins) into the
/etc/utmp and /var/adm/wtmp files?
If you remove the setuid bit from /bin/login, this means that you
will have to make the utmp and wtmp files writable by all -
if you want to record who logs in - right?
Having /etc/utmp and /var/adm/wtmp writable by the world introduces
its own set of security concerns.
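
As an added example (not part of the original messages), the two conditions this exchange turns on can be checked with a short POSIX shell audit: whether the login binary carries the setUID bit, and whether the login-record files are world-writable. The function names are hypothetical; the default paths are the ones named in the message and differ between systems.

```shell
#!/bin/sh
# Added example: audit the permissions discussed in the thread above.

# has_perm PATH MODE: succeed if PATH exists and has every bit of MODE set.
has_perm() {
    [ -e "$1" ] || return 2
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

is_setuid()         { has_perm "$1" 4000; }
is_world_writable() { has_perm "$1" 0002; }

# audit_login LOGIN_BIN RECORD_FILE...
# Prints one line per finding; return status is the number of
# world-writable record files (0 means none were found).
audit_login() {
    login_bin=$1
    shift
    warnings=0
    if is_setuid "$login_bin"; then
        echo "INFO  $login_bin has the setUID bit set"
    else
        echo "INFO  $login_bin is not setUID (or is missing)"
    fi
    for f in "$@"; do
        if is_world_writable "$f"; then
            # Any local user could then alter or erase login records.
            echo "WARN  $f is world-writable"
            warnings=$((warnings + 1))
        elif [ -e "$f" ]; then
            echo "OK    $f is not world-writable"
        else
            echo "SKIP  $f not present"
        fi
    done
    return "$warnings"
}

# Run against the paths named in the message only when asked to.
if [ "${AUDIT_RUN:-0}" = 1 ]; then
    audit_login /bin/login /etc/utmp /var/adm/wtmp
fi
```

Set `AUDIT_RUN=1` in the environment to run the check against the default paths, or call `audit_login` with the paths used on the system being reviewed.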