From: utzoo!decvax!cca!ps@Lbl-Unix@sri-unix
Newsgroups: net.unix-wizards
Title: login
Article-I.D.: sri-unix.3317
Posted: Fri Sep 17 01:21:12 1982
Received: Fri Sep 17 06:30:47 1982

From: ps at Lbl-Unix (Peter Staubach [ou])
Date: 13 Sep 1982 20:23:01-PDT
Instead of hacking on login, why not just either make login NOT setuid
root or just not make it world-executable?  Login does not have to be
either, as login is run by getty which is run by init as root, hence,
it has enough power and can be exec'd provided that any of the exec bits
are on.  This would seem to fix the problem with people using login to
change what utmp thinks.

Also, having people login over themselves messes up the connect time
accounting, at least two people get charged for the same time .

		ps