From owner-freebsd-security  Tue Nov 14 15:13:56 1995
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id PAA23791
          for security-outgoing; Tue, 14 Nov 1995 15:13:56 -0800
Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6])
          by freefall.freebsd.org (8.6.12/8.6.6) with SMTP id PAA23748
          ; Tue, 14 Nov 1995 15:13:25 -0800
Received: by sequent.kiae.su id AA02042
  (5.65.kiae-2 ); Wed, 15 Nov 1995 02:00:42 +0300
Received: by sequent.KIAE.su (UUMAIL/2.0); Wed, 15 Nov 95 02:00:42 +0300
Received: (from ache@localhost) by ache.dialup.demos.ru (8.6.12/8.6.12) id BAA02191; Wed, 15 Nov 1995 01:32:33 +0300
To: Peter Wemm <peter@jhome.dialix.com>
Cc: committers@freebsd.org, davidg@Root.COM, security@freebsd.org
References: <Pine.BSF.3.91.951114220712.4688H-100000@jhome.DIALix.COM>
In-Reply-To: <Pine.BSF.3.91.951114220712.4688H-100000@jhome.DIALix.COM>;
    from Peter Wemm at Tue, 14 Nov 1995 22:21:56 +0800 (WST)
Message-Id: <mz1aHgme-7@ache.dialup.demos.ru>
Organization: Olahm Ha-Yetzirah
Date: Wed, 15 Nov 1995 01:32:33 +0300 (MSK)
X-Mailer: Mail/@ [v2.40 FreeBSD]
From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=
    (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su>
X-Class: Fast
Subject: Re: cvs commit: CVSROOT log_accum.pl
Lines: 24
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Length: 1323
Sender: owner-security@freebsd.org
Precedence: bulk

In message <Pine.BSF.3.91.951114220712.4688H-100000@jhome.DIALix.COM>
    Peter Wemm writes:

>The original implementation in 4.3BSD (or one of the -net releases) 
>apparently the login name stored in the user struct and had it being 
>strictly inherited from parent to child like setuid().  Somewhere along 
>the way, it seems to have changed semantics to something that is somewhat 
>"non-obvious".  (witness the confusion about how to use it in all the 
>code.. even 4.4BSD itself was not compatable with it's own semantics).

>I still think we should move the login name to the "struct ucred" - then 
>the possibility of the entire session being accidently changed would no 
>longer be an issue.  struct ucred is normally 76 bytes long now. Another 
>12 bytes wouldn't hurt all that much... (especially since another 
>transient data structure would shrink as a result to partly offset the cost).

I agree. I is better fix than setlogin() restriction and compatible
with all existen software. Do you have a patch to look at?

-- 
Andrey A. Chernov        : And I rest so composedly,  /Now, in my bed,
ache@astral.msk.su       : That any beholder  /Might fancy me dead -
http://dt.demos.su/~ache : Might start at beholding me,  /Thinking me dead.
RELCOM Team,FreeBSD Team :         E.A.Poe         From "For Annie" 1849