Re: login -h

guduwinternet.com

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Michael Shanzer: "new version of fingerd"
• Previous message: Luke Mewburn: "Re: Race conditions"
• Maybe in reply to: Bonfield James: "login -h"
• Next in thread: Robert M. Haas: "Re: login -h"

I don't think anyone should rely on wtmp for any kind of security.
Whatof rsh?  Its easy enough to do a rsh <host> xterm -ut -display <foo>
and avoid wtmp detection.  The -ut flag tells xterm to not make a 
entry in utmp and it never considers making a wtmp entry.  I suppose
because it never has permissions to.  The rsh server would have to
make the wtmp entry.  Which is odd it doesn't because it does if
envoke a shell with it.  Hmmmm...

MikeB

• Next message: Michael Shanzer: "new version of fingerd"
• Previous message: Luke Mewburn: "Re: Race conditions"
• Maybe in reply to: Bonfield James: "login -h"
• Next in thread: Robert M. Haas: "Re: login -h"