Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84 SMI; site calma.uucp
Path: utzoo!watmath!clyde!bonnie!akgua!whuxlm!harpo!decvax!decwrl!sun!calma!radzy
From: radzy@calma.uucp (Tim Radzykewycz)
Newsgroups: net.unix-wizards
Subject: Re: users going invisible
Message-ID: <20@calma.uucp>
Date: Mon, 16-Sep-85 14:08:58 EDT
Article-I.D.: calma.20
Posted: Mon Sep 16 14:08:58 1985
Date-Received: Wed, 18-Sep-85 04:47:37 EDT
Reply-To: radzy@calma.UUCP (Tim Radzykewycz)
Organization: GE/Calma Co., R&D Systems Engineering, Milpitas, CA
Lines: 32


  > From: notch@srcsip.UUCP (Michael k Notch)
  > Subject: invisibility.

  > I have heard a rumor that it is possible for a user on 4.2bsd to go
  > invisible to other users. 
  > Has anyone else heard this rumor and possibly confirm it.
  > Also, if it is true, could someone explain to me how it is done.
  > Thanks. I will take this in the strictest confidence.

It is possible for a user on 4.2 to "go invisible".  4.2
keeps login accounting records in a file in one of the
administration directories (I won't say where, mostly because
I don't remember offhand).  It's possible for this to happen
if a system manager cleans out the accounting file when
people are logged in:  the ones who were logged in before the
file gets cleaned up become "invisible" to anyone who does
who(1), w(1), and anything else which tells if they're on.

I presume it would be possible for someone with superuser
privs to write a "logout" record to the file and become
invisible, but I haven't ever seen that happen and don't
see why it would be desirable (other than for those "hackers"
[read: "creeps" :-}] who want to do it "just 'cuz it's possible").

By the way, this doesn't mung any process accounting other
than connect time -- for those of you who keep track of
such things.
-- 
Tim (radzy) Radzykewycz
	calma!radzy@ucbvax.ARPA
	ucbvax!calma!radzy