From: utzoo!decvax!cca!fred.umcp-cs@Udel-Relay@sri-unix
Newsgroups: net.unix-wizards
Title: True login names
Article-I.D.: sri-unix.3254
Posted: Mon Sep 13 14:56:17 1982
Received: Tue Sep 14 05:19:23 1982

From:     Fred Blonder 
Date:     9 Sep 82 18:54:58-EDT (Thu)
Here's what we did to fix the logging-in-as-someone-else-from-a-subshell
loophole in 4.1BSD:

    In login.c
	84a85,90
	> 
	> /* Check to see if we are the immediate child process of init */
	> if (getppid() > 1) {
	> 	printf("This doesn't work anymore bandy.\n");
	> 	exit(1);
	> 	}

This modification to login allows it to run only if it has been exec-ed by
getty, or by a login shell.

The getppid (get parent process-id) system call (actually just a variant of
getpid) is totally undocumented. I discovered it on 4.1BSD while I was tring
to write the same thing as a subroutine. I have no idea as to which (if any)
other Unices have it.