fred.umcp-cs@Udel-Relay@sri-unix (09/13/82)
From: Fred Blonder <fred.umcp-cs@Udel-Relay>
Date: 9 Sep 82 18:54:58-EDT (Thu)
Here's what we did to fix the logging-in-as-someone-else-from-a-subshell loophole in 4.1BSD:
In login.c
84a85,90 > > /* Check to see if we are the immediate child process of init */ > if (getppid() > 1) { > printf("This doesn't work anymore bandy.\n"); > exit(1); > }
This modification to login allows it to run only if it has been exec-ed by getty, or by a login shell.
The getppid (get parent process-id) system call (actually just a variant of getpid) is totally undocumented. I discovered it on 4.1BSD while I was trying to write the same thing as a subroutine. I have no idea as to which (if any) other Unices have it.
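Review bot: the `getppid() > 1` test in the added lines reads the parent pid only at the moment of the call, and a process whose original parent has already exited also sees 1 there, so the condition does not by itself establish that login was exec-ed by getty or a login shell. The comment above the test should say that limitation plainly, and the refusal should name the reason and go to stderr instead of `printf`, since "This doesn't work anymore bandy." tells neither the user nor whoever reads the source what was refused.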
mogul.Shasta@Su-Score@sri-unix (09/17/82)
From: Jeff Mogul <mogul.Shasta@Su-Score>
Date: Monday, 13 Sep 1982 21:25-PDT
Alas, getppid() can be easily fooled, because when the parent dies, the child process is inherited by init. Thus, any one of a number of dodges can be dreamt up, wherein the parent of your modified login program is dead before getppid() is called.
-Jeff
jab@Okc-Unix@sri-unix (09/18/82)
From: Jeff Bowles <jab@Okc-Unix>
Date: 14 Sep 1982 12:17:33 EST (Tuesday)
getppid() returns the parent process, UNLESS the parent has exited.
Then the parent of the process is process #1, which is /etc/init.
For example,
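    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>

    int main(void)
    {
        /* The parent exits at once; only the child carries on. */
        if (fork() != 0)
            exit(0);
        /* If the parent is already gone, this reports process #1. */
        printf("getppid() returns %d\n", (int)getppid());
        exit(0);
    }
could produce a nasty surprise.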
Jeff
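A deterministic version of the experiment in the post above, as an added example that is not part of the original thread: the child waits until the process that forked it has really exited before it reports, so the result does not depend on scheduling. The function name observe_reparenting and the pipe-based reporting are assumptions of this example.

```c
#include <poll.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread): forks a short-lived middle
 * process whose child reports the pid that forked it and the parent pid
 * it sees once orphaned. Returns 0 on success, -1 on error. */
int observe_reparenting(pid_t *forked_by, pid_t *seen_after)
{
    int fds[2];
    pid_t out[2], mid;

    if (pipe(fds) < 0)
        return -1;
    mid = fork();
    if (mid < 0)
        return -1;
    if (mid == 0) {                       /* middle process */
        pid_t self = getpid();
        if (fork() != 0)
            _exit(0);                     /* exits, orphaning its child */
        /* Orphan: poll(NULL, 0, 1) sleeps 1 ms; give up after ~5 s. */
        for (int i = 0; i < 5000 && getppid() == self; i++)
            poll(NULL, 0, 1);
        out[0] = self;                    /* who actually forked us */
        out[1] = getppid();               /* init, or the system's reaper */
        _exit(write(fds[1], out, sizeof out) == (ssize_t)sizeof out ? 0 : 1);
    }
    close(fds[1]);
    waitpid(mid, NULL, 0);                /* reap the middle process */
    ssize_t n = read(fds[0], out, sizeof out);
    close(fds[0]);
    if (n != (ssize_t)sizeof out)
        return -1;
    *forked_by = out[0];
    *seen_after = out[1];
    return 0;
}

int main(void)
{
    pid_t a, b;
    if (observe_reparenting(&a, &b) != 0)
        return 1;
    printf("forked by %d, getppid() now returns %d\n", (int)a, (int)b);
    return 0;
}
```

The two numbers differ on every run, which is why a parent-pid comparison records only who the parent is at the instant of the call, not who started the process.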