Date: Sun, 29 Oct 1995 06:54:11 +0800 (WST) From: Peter Wemm <peter@jhome.DIALix.COM> To: Steven Wallace <swallace@ece.uci.edu> Cc: CVS-commiters@freefall.freebsd.org, cvs-gnu@freefall.freebsd.org Subject: Re: cvs commit: src/gnu/usr.bin/rcs/rlog rlog.1 rlog.c Message-ID: <Pine.BSF.3.91.951029064435.356C-100000@jhome.DIALix.COM> In-Reply-To: <199510282239.PAA02672@newport.ece.uci.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 28 Oct 1995, Steven Wallace wrote: > > > hsu 95/10/28 14:51:01 > > > > Modified: gnu/usr.bin/rcs CREDITS NEWS REFS rcstest > ... > > Why is the username listed here hsu and not peter? Hmm. That name is coming from getlogin in the perl code. I know the kernel support behind the getlogin() snd setlogin() system call is buggy (which is a real worry, because is meant to be a secure function, and is used as such for security checking around the place...). For example, if I log in and start xdm, all of a sudden the `logname` (which calls the kernel getlogin() function) *changes* once somebody logs in on the xdm screen. This is *after* xdm has detached from the launching terminal.... My guess is that 'hsu' logged in or out, or ran something in a new process group or session just as the log_accum.pl was being launched from the cvs from the rshd. If cvs or perl can change it's secure username as a non-privileged process, something's wrong. -Peter > Steven
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.951029064435.356C-100000>