Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/3/84; site security.UUCP Path: utzoo!linus!security!jjg From: jjg@security.UUCP (Jeff Glass) Newsgroups: net.unix-wizards Subject: Re: 4.2 oddity -- SLOGIN flag in proc.h Message-ID: <940@security.UUCP> Date: Tue, 13-Aug-85 09:46:13 EDT Article-I.D.: security.940 Posted: Tue Aug 13 09:46:13 1985 Date-Received: Wed, 14-Aug-85 02:51:11 EDT References: <607@brl-tgr.ARPA> Reply-To: jjg@security.UUCP (Jeff Glass) Organization: MITRE Corp., Bedford, Ma. Lines: 21 Summary: In article <607@brl-tgr.ARPA> scc%computer-lab.cambridge.ac.uk@ucl-cs.arpa (Stephen Crawley) writes: > Theheader file contains the following line :- > > #define SLOGIN 0x0800000 /* a login process (legit child of init) */ > > However, ps -axl indicates that this bit is not set for any processes. > Indeed, grepping /sys/sys confirmed that SLOGIN isn't referenced anywhere. > While making sure that the flag gets set would seem to be straight forward, > I'm not convinced that it would be stunningly useful. [ What would be > more useful would be if the login shell pid were recorded in /etc/utmp! ] I think this method would be superior to the way that {c,}sh now find that they are login shells (checking if argv[0][0] == '-'). at least one security hole takes advantage of this. I also think Stephen's suggestion (putting the pid in utmp) is pretty neat. /jeff -- security!jjg@mitre-bedford.ARPA (MIL) {allegra,ihnp4,utzoo,philabs,uw-beaver}!linus!security!jjg (UUCP)