[268] in Kerberos
Kerberos login suggestions
daemon@TELECOM.MIT.EDU (Jeffrey I. Schiller)
Mon Nov 30 00:17:45 1987
From: Jeffrey I. Schiller <jis@BITSY.MIT.EDU>
To: treese@ATHENA.MIT.EDU
Cc: kerberos@ATHENA.MIT.EDU, treese@ATHENA.MIT.EDU
In-Reply-To: <treese@ATHENA.MIT.EDU>'s message of Sun, 29 Nov 87 16:39:54 EST <8711292139.AA06453@CIROCCO.MIT.EDU>
From: <treese@ATHENA.MIT.EDU>
Date: Sun, 29 Nov 87 16:39:54 EST
Situation:
1. I ksu on my workstation.
2. I rlogin to paris as root.
Problems:
1. A "finger" shows "root" logged in. When I notice root logged in
on paris, I always check to see who it is (a little paranoia).
2. My environment is the vanilla root one; there is no way for me
to customize it.
Since login in this situation knows that it is me, logging in with a root
instance, it seems that it could do the following:
1. Note the entry in utmp as something like "#treese" instead of
"root". The '#' indicates that this is really a root login,
similar to the '*' used on a login server. (this change may
actually be in klogind; I don't recall now who does that).
2. login could set two environment variables, KUSER and INSTANCE
that could be used in .login/.cshrc files to customize the
environment.
Comments?
Good idea. All the work is in "login". klogind merely tells
login that "root" is trying to login, "login" is the guy who looks at
the kerberos data to see who it really is.
-Jeff
