[11388] in Athena Bugs
decmips 7.6G: login
daemon@ATHENA.MIT.EDU (The Unknown User-ID (18271))
Tue Nov 16 20:55:07 1993
To: bugs@MIT.EDU
Date: Tue, 16 Nov 93 20:54:55 EST
From: The Unknown User-ID (18271) <intruder@MIT.EDU>
System name: sofa
Type and version: KN02ca 7.6G
Display type: PMAG-DV
What were you trying to do?
nothing. Someone else was using /bin/login on this
workstation in order to bypass security. (user foo, who's in
/etc/passwd.local, logged on and let user bar run login and log in as
himself - bar's not in /etc/passwd.local)
What's wrong:
It made /etc/passwd unreadable.
What should have happened:
It shouldn't have done that. /etc/passwd's permissions
shouldn't be touched.
Please describe any relevant documentation references:
umm...man login:
The login command ... may be used at any time to change from
one user to another.
