ptb@Mitre-Bedford@sri-unix (08/21/82)
Date: Wed Aug 11 11:22:05 1982 I agree with your ideas (at least on the implementation level) with one exception. The way that you suggested of disabling the "su" to go back as yourself is DANGEROUS, since the user can reset his "USER" environment variable. So now you can have someone issue the following commands: setenv USER root su1 fred exit (or disable, or whatever) Voila! He is now the superuser! Maybe what you would really want is another "int" in the process structure reserved for this hack, but then you would have to recompile everything. Then when you execute your "wait" (or perhaps a new system call??), the system can reload the process uids with this data. One more comment, this seems to lose all notion of real vs. effective uids, too. If something that was written uses them, it will have problems. Speaking for myself, I kinda like "su" the way it is. Peter Baldwin ptb at mitre-bedford