ric@ace.sri.com (Richard Steinberger) (09/06/90)
Someone posted a C program to lock a TTY. Here is a shell script that does the same thing. I got much of this from a popular Unix book, Sobell's Practical Guide to the Unix System. (Don't leave home without it. The 2nd edition has this script on p 261, but fails to trap ^Z!). Note that the trap and stty commands are used to lock out ^C and ^Z. regards, ric steinberger ------------------------------cut here-------------------------------- #!/bin/sh # Lock a TTY trap '' 1 2 3 15 stty -echo susp '' echo -n "Password: " read pw_1 echo echo -n "Again: " read pw_2 echo pw_3= #set to null string if [ "$pw_1" = "$pw_2" ] then until [ "$pw_3" = "$pw_2" ] do echo -n "Lock Password: " read pw_3 echo done else echo "Lock passwords do not match." fi stty echo susp '^Z'
ok@goanna.cs.rmit.oz.au (Richard A. O'Keefe) (09/09/90)
In article <ric.652635631@ace>, ric@ace.sri.com (Richard Steinberger) writes: [a UNIX shell script for locking a TTY] It ends with the command > stty echo susp '^Z' ***Please*** don't do that! Why? Because smashing someone's terminal settings when you don't need to is just plain bad manners. Yes, digging the old susp character out of the output of `stty everything` is tricky. Here's one way of doing it #!/bin/sh stty everything 2>/tmp/stty$$ ed /tmp/stty$$ <<'end_of_edit' >/dev/null 1,$-1d $s:.. .. .. .. .. .. :Susp=": $s: .*$:": $s:/:" Dsusp=": w q end_of_edit . /tmp/stty$$ rm /tmp/stty$$ After doing this, $Susp is (for example) "^X" and $Dsusp is (for example) "^Y". Then one can do stty susp "$Susp" dsusp "$Dsusp" to restore these two characters. As well as bad manners, the shell script I'm criticising had a mistake: it switched off the "immediate suspend" character (susp) but not the "suspend when read" character (dsusp). So someone typing ^Y in the middle of a "password" could in fact suspend (and thus bypass) the locker. Hardly secure... -- Psychiatry is not about cure. Psychiatry is about power.